Kentik

MAY 2, 2018

In simple terms, Border Gateway Protocol (BGP) is the protocol that routes traffic on the Internet. During a BGP route hijack, an attacker advertises IP prefixes from an ASN that is not the normal originator. During last week’s attack, the attacker was redirecting traffic that belonged to Amazon’s Route 53 DNS servers.

IP Address 49

IP Address DNS UDP port Advertising 49

Kentik

JULY 8, 2019

Border Gateway Protocol (more commonly known as BGP ) is the routing protocol that makes the internet work. In this case it was due to more specific prefixes that should not have been advertised. One way to think about it is that RPKI is to BGP what DNSSEC is to DNS. It’s called RPKI. How Does RPKI Work?

Routers 58

Routers Protocol Internet Advertising 58

Confluent

JULY 1, 2019

KAFKA_LISTENER_SECURITY_PROTOCOL_MAP defines key/value pairs for the security protocol to use per listener name. The existing listener, called PLAINTEXT , just needs overriding to set the advertised hostname (i.e., For these comms, we need to use the internal IP of the EC2 machine (or hostname, if DNS is configured).

Port 101

Port IaaS DNS Networking 101

CATO Networks

MAY 7, 2024

We spotted advertisements for services for generating fake credentials and creating deep fakes. Many enterprises continue to run unsecured protocols across their WAN62% of all web traffic is HTTP, 54% of all traffic is telnet, and 46% of all traffic is SMB v1 or v2. Our data indicates that only 1% of DNS traffic utilizes Secure DNS.

SASE 52

SASE DNS Real Estate SMB 52

CATO Networks

AUGUST 17, 2021

BGP The Border Gateway Protocol (BGP) is a protocol for exchanging routing information between different autonomous systems (ASes) on the Internet. Each AS advertises which IP addresses it can route traffic to, helping traffic move from its source AS to the AS closest to its destination.

Networking 52

Networking Network NaaS SASE 52

Kentik

MARCH 13, 2019

The victim can update DNS to point at a different IP address in an attempt to get their application back up. However, if the attack is targeting the DNS hostname and not the IP address, the attack will just switch over to the new IP address. IP Protocol. The mitigation actually “completes the attack.” Destination Prefix.

IP Address 49

IP Address Port Routers DNS 49

Kentik

JUNE 5, 2023

Disruptions and attacks caused by BGP incidents In BGP parlance, the term “routing leak” broadly refers to a routing incident in which one or more BGP advertisements are propagated between ASes in a way they were not intended to. In 2018, attackers employed a BGP hijack that redirected traffic to Amazon’s authoritative DNS service.

IP Address 145

IP Address DNS Internet Routers 145