Traditionally, network operators have provided some kind of public read-only access to their current view of the BGP routing table, by the means of a "looking glass”.
In this talk we inspect looking glass instances from a security point of view, showing many shortcomings and flaws which could let a malicious entity take control of critical devices connected to them.
In particular, we will highlight how easy it is for a low-skilled attacker to gain access to core routers within multiple ISP infrastructures.
Luca is currently a research engineer at Eurecom in Sophia-Antipolis (FR). He graduated as a Systems and Networks Engineer at Telecom Paristech and Politecnico di Torino, and is a Debian Developer and an active FLOSS evangelist. Luca's research area includes security of embedded devices, Internet core infrastructure and mobile networks (GSM/LTE). Twitter: @lucabruno
Mariano is currently a Ph.D. student in the Software and Systems Security group of Eurecom in Sophia-Antipolis (France). He earned a Master of Science in Computer and Communication Networks from Politecnico di Torino (Italy). Mariano is interested in challenging security researches, ranging from hypervisors to backbone routers. Twitter: @emd3l