【摘要】 针对边界网关协议(BGP)路由策略提出一个可以造成流量劫持的BGP协议安全漏洞——多出口描述符(MED)漏洞.4字节自治域号的引入造成BGP设备部分私有配置失效,在毫不知情的情况下导致数据流量被劫持到邻近的网络服务提供商,带来严重安全威胁.在Cisco环境下的仿真实验结果表明,MED漏洞无感地转移数据流量,可利用该漏洞部署中间人攻击.更多还原

【Abstract】 A new border gateway protocol(BGP) security problem,multi-exit-discriminator(MED) vulnerability,has been discovered,which could be abused in data hijacking.For the reason that BGP devices may not operate as expected with the extension of 4-octet autonomous system(AS) number,data streams could be diverted to other Internet service providers unconsciously and bring serious threat to the global network.In addition the weakness is simulated under the environment of Cisco routers,and a kind of man-in-the-middle data hijack based on the MED flaw is implemented and verified through the experiment.更多还原