AusCERT 2011: Routing systems 'based on gossip'

APNIC chief scientist slams security measures of routing, IPv6 won't help

IT managers are under threat from routing systems that are providing easy access for fraudsters, the Chief Scientist at the Asia Pacific Network Information Centre (APNIC) has claimed.

Speaking at the AusCERT conference on the Gold Coast, Geoff Huston said even with the implementation of IPV6, routers are not secure.

“How much of today’s routing system is lies?...even with IPV6, this is still a problem,” he said.

“Even if every last piece of anti-virus software on your machines and you were doing a fantastic job, it wont help - routing will be attacked every time and you can’t stop it.”

Check out Computerworld’s comprehensive guide for more information on AusCERT 2011.

Huston said fraudsters are looking at routers as a way of bringing down large infrastructure, comparing the security of routers to gossip.

“Today’s fraud industry is easy if you can attack routing...if I really wanted to bring down massive pieces of infrastructure, I’d just take you on in routing,” he said. “Routing is actually gossip - you tell me everything I know and I’ll tell you everything I know - in routing there is no way to address a lie.”

Huston slammed the IT and security industry, saying that the fact that no-one gets paid to audit routing has resulted in a lack of compliance.

“Routing auditing doesn’t get done because no-one gets paid to do it,” he said. “You’re left with a system that’s phenomenally lousy - no-one is prepared to spend money of it - we tolerate the fact that we live in an insecure routing system.”

Rather than blaming individual organisations, Huston said securing routers must be a collective task.

“Individually, none of you can do anything - there is nothing a single person can do about this,” he said. “Routing is something that you do in common - all you’re doing is trusting the fact that everyone is well intentioned.”

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags auscert 2011ipv6routers

More about CERT AustraliaetworkNIC

Show Comments