Through the Looking-Glass, and What Eve Found There

DEF CON 22

Presented by: Luca Bruno (kaeso), Mariano Graziano (emdel)
Date: Sunday August 10, 2014
Time: 11:00 - 11:50
Location: Track 3

Traditionally, network operators have provided some kind of public read-only access to their current view of the BGP routing table, by the means of a "looking glass”.

In this talk we inspect looking glass instances from a security point of view, showing many shortcomings and flaws which could let a malicious entity take control of critical devices connected to them.

In particular, we will highlight how easy it is for a low-skilled attacker to gain access to core routers within multiple ISP infrastructures.

Luca Bruno

Luca is currently a research engineer at Eurecom in Sophia-Antipolis (FR). He graduated as a Systems and Networks Engineer at Telecom Paristech and Politecnico di Torino, and is a Debian Developer and an active FLOSS evangelist. Luca's research area includes security of embedded devices, Internet core infrastructure and mobile networks (GSM/LTE). Twitter: @lucabruno

Mariano Graziano

Mariano is currently a Ph.D. student in the Software and Systems Security group of Eurecom in Sophia-Antipolis (France). He earned a Master of Science in Computer and Communication Networks from Politecnico di Torino (Italy). Mariano is interested in challenging security researches, ranging from hypervisors to backbone routers. Twitter: @emd3l


KhanFu - Mobile schedules for INFOSEC conferences.
Mobile interface | Alternate Formats