Using unallocated address space - for DoS?


Unfortunately this is not a unique occurrence. Cable&Wireless, Sprint,
AT&T and UUNET have all had portions of their service knocked off the
Internet for various periods of time due to bogus announcements. Until
other ISPs fix their policies, I can knock your network off most of the
Internet, and there is nothing you can do to prevent it.

I hope this is a remote possibility, but what are the chances of someone
malicious breaking into the "right" router and blackholing the worst possible
networks? If this is done, how long till it can be remedied?

You don't have to break into the "right" router; you just have to start
announcing the networks in a way that your peers don't -- can't --
detect is improper.

    --Steve Bellovin,

I did not mean that the network operator was malicious. I meant, in the same
way that vulnerable servers are broken into and used for DoS, can routers
be broken into and do DoS via blackholes? I think it is hard unless you
know the right combination of vulnerable router (sniffable LAN?) and
unprotected upstream or peer.
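The thread above turns on one point: a bogus announcement gets into the global table only because the receiving peer's import policy does not reject it. The following is an added example, not code from anyone in the thread, showing the difference between a bogon-only filter (the "policy" Bellovin is complaining about) and a per-peer prefix filter that only accepts what a peer is registered to originate. The ASNs, the registry, the bogon list and the sample announcements are all constructed for illustration; RFC 5737 documentation prefixes stand in for real allocations and the bogon list is abbreviated.

```python
"""Toy BGP import-policy check: bogon-only (loose) vs. per-peer prefix filter (strict)."""
import ipaddress

# Constructed, abbreviated bogon list: reserved or unallocated space that should
# never be seen in the global table. A real list is built from IANA/RIR data.
BOGONS = [ipaddress.ip_network(p) for p in (
    "0.0.0.0/8", "10.0.0.0/8", "100.64.0.0/10", "127.0.0.0/8",
    "169.254.0.0/16", "172.16.0.0/12", "192.0.0.0/24", "192.168.0.0/16",
    "198.18.0.0/15", "224.0.0.0/4", "240.0.0.0/4",
)]

# Constructed registry of what each peer ASN is entitled to originate
# (hypothetical ASNs; RFC 5737 documentation prefixes stand in for allocations).
PEER_ALLOWED = {
    65001: [ipaddress.ip_network("198.51.100.0/24")],
    65002: [ipaddress.ip_network("203.0.113.0/24")],
}

MAX_PREFIX_LEN = 24  # accept nothing longer than a /24 from a peer


def is_bogon(prefix):
    """True if the prefix falls inside any reserved/unallocated block."""
    return any(prefix.version == b.version and prefix.subnet_of(b) for b in BOGONS)


def loose_policy(peer_asn, prefix_str):
    """Bogon-only filter. Any non-bogon prefix from any peer is accepted, so a
    peer announcing somebody else's space sails straight through."""
    prefix = ipaddress.ip_network(prefix_str, strict=False)
    if is_bogon(prefix):
        return "reject:bogon"
    return "accept"


def strict_policy(peer_asn, prefix_str):
    """Per-peer prefix filter: no bogons, nothing more specific than
    MAX_PREFIX_LEN, and only prefixes this peer is registered to originate."""
    prefix = ipaddress.ip_network(prefix_str, strict=False)
    if is_bogon(prefix):
        return "reject:bogon"
    if prefix.prefixlen > MAX_PREFIX_LEN:
        return "reject:too-specific"
    allowed = PEER_ALLOWED.get(peer_asn, [])
    if not any(prefix.version == a.version and prefix.subnet_of(a) for a in allowed):
        return "reject:not-registered-to-peer"
    return "accept"


def evaluate(policy, announcements):
    """Run a policy over (peer_asn, prefix) pairs; return {(asn, prefix): verdict}."""
    return {(asn, p): policy(asn, p) for asn, p in announcements}


# Constructed announcements: one legitimate, one peer originating another peer's
# /24, one more-specific of that /24 (which would win on longest match), and one
# block that was never allocated.
SAMPLE = [
    (65001, "198.51.100.0/24"),    # AS65001's own registered space
    (65002, "198.51.100.0/24"),    # AS65002 announcing AS65001's space
    (65002, "198.51.100.128/25"),  # more-specific hijack of AS65001's space
    (65001, "240.1.0.0/16"),       # reserved, never allocated
]

if __name__ == "__main__":
    for name, policy in (("loose", loose_policy), ("strict", strict_policy)):
        print(name)
        for (asn, prefix), verdict in evaluate(policy, SAMPLE).items():
            print(f"  AS{asn} {prefix:<20} {verdict}")
```

Under the loose policy the only announcement rejected is the unallocated block; both hijacks of 198.51.100.0/24 are accepted, which is exactly the situation where the victim can do nothing on their own side. Under the strict policy the hijacks are dropped at the peer's edge. The catch, as the thread notes, is that the filter has to be applied by everybody's peers, not by the network being hijacked.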