[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-bugs] #10221 [Tor]: Implement BGP malicious route checks before publishing descriptor in consensus



#10221: Implement BGP malicious route checks before publishing descriptor in
consensus
-------------------------+---------------------
 Reporter:  anon         |          Owner:
     Type:  enhancement  |         Status:  new
 Priority:  normal       |      Milestone:
Component:  Tor          |        Version:
 Keywords:  BGP          |  Actual Points:
Parent ID:               |         Points:
-------------------------+---------------------
 Alternatively, treat as normal and simply flag the BGP route as malicious
 or not for the listed endpoints in a consensus.

 This is in response to observed, repeated, malicious route jacking attacks
 for specific address ranges through monkey-in-the-middle attackers.

 "Malicious route jacking" is explicitly mentioned here as distinct from
 anomalous route changes or advertisement behavior, nor does it encompass
 benign incompetence affecting widespread route behavior of an
 indiscriminate nature.

 See also:
 http://www.renesys.com/2013/11/mitm-internet-hijacking/
 http://www.renesys.com/2010/11/chinas-18-minute-mystery/

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/10221>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs