nanog mailing list archives

Re: Using unallocated address space - for DoS?


From: Sean Donelan <sean () donelan com>
Date: 14 Feb 2001 17:14:55 -0800


On Wed, 14 February 2001, "Miguel A.L. Paraz" wrote:
> On Wed, Feb 14, 2001 at 09:21:32AM -0500, Steven M. Bellovin wrote:
>> You don't have to break into the "right" router; you just have to start
>> announcing the networks in a way that your peers don't -- can't --
>> detect is improper.
>
> I did not mean that the network operator was malicious.  I meant, in the same
> way that vulnerable servers are broken into and used for DoS, can routers
> be broken into and do DoS via blackholes?  I think it is hard unless you
> know the right combination of vulnerable router (sniffable LAN?) and
> unprotected upstream or peer.

Once again, you don't need to break into someone else's routers.  This
isn't an exploit list, so I'm not going to post a cookbook on how to do
it.  But due to the limited protection in some networks, it remains a
relatively simple attack or accident waiting to happen.

Why break into a bank, when you can push a button on the side of the
building and money comes out.  Unlike a cash machine, where you need
to know at least a PIN in addition to some working bank account number,
you can wipe out almost any IP address you don't like with essentially
no authentication.



