Morning pedes,
I'm a sysadmin working for a small datacenter in Germany. Against 09:00 GMT we had calls from some of our customers, they were complaining about some service degradation: load times for websites slowed down, ssh connections got terminated, ftp traffic was slow.
Analyzing my systems led to no results, so I called my provider if there was an issue with our connection.
He said: "to make it short: the Internet is partially broken..." I said what? Yup, some issues with route announcements in the BGP routers around the world.
As I write this, he called me back to tell me the issue got solved. Some guy/group, whatever, was able to insert false route announcements at BGP level, this is insane.
Let's see what the day brings up, but this was pretty scary (well, for my customers and for my boss, for me it was pretty exciting). Eyes on.
Godspeed, frens
Hi fren.
If you were strategically blocking packets from overseas to America in order to prevent a Dominion steal? Could you do it by taking some of these servers offline, leaving most of the internet functioning?
I'm not a BGP expert, but false route announcements imo can be used to break the internet down or to re-route traffic to your preferred destination. So, yes, it could possibly be used to block/re-route Dominion traffic for the purpose of simply blocking it, or to capture it.
I am a BGP expert, and you're spot on :)
Yep.
To expand, BGP controls the routing of data, i.e. the path.
It's like the postal service saying all mail for destination A must first come to sorting station B via central station C. But if you wanted that mail to go via different sorting/central stations you'd mess with BGP (in the IT sense).
Say you want all the mail for a particular destination to go through the sorting centre that you have all the inspectors at and that you control. That would be pretty powerful. That's what dodgy modifications to BGP are capable of, if done right.
If you were to know which way the packets would be redirected on a BGP failure. maybe you could have put some rules in undetected on an alternative server on not-the-usual-route which would strip out or otherwise handle these packets.
I heard cybersecurity- NG is working behind the scenes as far as elections. Very possible they took it offline or set up secure networks?