What are the primary security issues for routing on the Inte

What are the primary security issues for routing on the Internet and how can these be mitigated?

Solution

Routing security has recently begun to attract more attention specifically around Border Gateway Protocol (BGP) on the public Internet. It attacks not the Internet\'s BGP tables but the routing systems within our own network. Because of some of the sniffing-based attacks, an enterprise routing infrastructure can easily be attacked with man-in-the-middle and other attacks designed to corrupt or change the routing tables with the following effects

Traffic redirection: In Traffic redirection attack, the adversary is able to redirect traffic, this enabling attacker to modifying the traffic in transit or it can simply sniff packets.

Traffic sent to a routing black hole: here the attacker can send specific routes to null, and kicking IP addresses off our own network

Router denial-of-service: when attacking the routing process can damage the router or a severe degradation of service.

Routing protocol Dos: A routing protocol attack could be launched to stop the routing process from router table functioning properly

Unauthorized route prefix origination: This attack aims to introduce a new prefix into the route table that shouldn\'t be there.

Message authentication while giving credentials can also help prevent the spoofing or modification of a valid routing protocol message. In addition, the transport layer protocol such as TCP for BGP can further complicate message spoofing because of the difficulty in guessing initial sequence numbers

Excess packets can be stopped through the use of traditional DoS mitigation techniques.