Wednesday, November 13, 2013

Pakistan Hijacked YouTube - Prefix Hijack

Even a single fixed-route attack can destabilize a network!

Everyone remembers the time in 2008 when the Pakistani government issued orders to officially block YouTube in Pakistan. In response, Pakistan Telecom blocked YouTube using the very old prefix hijack, which resulted in YouTube being blocked.

How did this happen?

Pakistan Telecom tried to block YouTube in its home country by advertising an unauthorized prefix route to its providers. This newly defined prefix route (208.65.153.0/24) happens to be a more specific route than the one for the YouTube servers (208.65.152.0/22), and routers prefer the most specific prefix that matches a destination. The country's upstream providers relayed it to the rest of the Internet, rerouting all of YouTube's traffic to Pakistan Telecom and thus blocking YouTube for all of its users worldwide.
Within 2 minutes of the first relay of the bad route, almost all the world's providers carried the route.
YouTube raised the alert that the /24 prefix had been hijacked.
All the providers started dropping the erroneous route and carried the /25 prefix, thus getting YouTube back to its users.
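
The route selection described above can be reproduced with a longest-prefix match over a small routing table, together with the check a prefix owner can run to spot a more-specific announcement from someone else. This is an added example, not code from the original post; the destination address, the origin labels, and the split of the hijacked /24 into its two /25 halves are assumptions made for illustration.

```python
import ipaddress

YOUTUBE_22 = ipaddress.ip_network("208.65.152.0/22")   # legitimate route (from the post)
HIJACK_24 = ipaddress.ip_network("208.65.153.0/24")    # unauthorized route (from the post)


def best_route(rib, dst):
    """Longest-prefix match: the most specific route covering dst, or None."""
    addr = ipaddress.ip_address(dst)
    covering = [(prefix, origin) for prefix, origin in rib if addr in prefix]
    if not covering:
        return None
    return max(covering, key=lambda route: route[0].prefixlen)


def unexpected_more_specifics(rib, monitored, expected_origin):
    """Defender's check: routes inside a monitored prefix that come from
    an origin other than the expected one."""
    return [(prefix, origin) for prefix, origin in rib
            if prefix != monitored
            and prefix.subnet_of(monitored)
            and origin != expected_origin]


def simulate(dst="208.65.153.238"):   # constructed sample address inside the /24
    """Replay the three stages and record who receives traffic for dst."""
    rib = [(YOUTUBE_22, "YouTube")]
    stages = {"before": best_route(rib, dst)[1]}

    # Stage 2: the /24 is relayed; it is more specific than the /22, so it wins.
    rib.append((HIJACK_24, "Pakistan Telecom"))
    stages["hijack"] = best_route(rib, dst)[1]
    stages["alerts"] = unexpected_more_specifics(rib, YOUTUBE_22, "YouTube")

    # Stage 3: /25 routes are carried (assumed: both halves of the /24,
    # originated by the legitimate owner); they are more specific again.
    for half in HIJACK_24.subnets(new_prefix=25):
        rib.append((half, "YouTube"))
    stages["recovery"] = best_route(rib, dst)[1]
    return stages


if __name__ == "__main__":
    for stage, result in simulate().items():
        print(stage, "->", result)
```

The recovery works even while the bogus /24 is still in the table, which is why dropping the erroneous route and carrying the /25 are separate steps.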

It's at times like this that the term BGP gets revived and becomes famous. BGP (Border Gateway Protocol) is used to exchange routing information within and between autonomous systems (Google, Bank of America, Samsung, etc.).
This attack illustrates a phenomenon: "Even when a router announces seriously bogus information, it will continue to announce the same bogus information for the duration of its attack".

