Discord Server Red Security Twitter Donation to Red Security Red Security Youtube Channel Red Security Tumblr Profile
Windscribe
Login or Register to Hide ads and Accessing all features on the forum
Thread Rating:
  • 1 Vote(s) - 4 Average
  • 1
  • 2
  • 3
  • 4
  • 5
News Suspected Traffic Hijacking Turns Out To Be BGP Mishap
#1
[Image: tic-tac-toe-google-1538998296.jpg]


    In news this week, Google users on Monday faced some complications when the site was down for over an hour. What was originally suspected was that traffic was hijacked by a Nigerian ISP, but what was found out is that it was an issue related to the BGP. 

  Ameet Naik, Technical Marketing Manager at ThusandEyes explained that according to a report, the firm was initially facing problems while trying to connect to G-Suite, afterwards they got to work trying to fix the problem. This resulted in them seeing that Google's traffic was dropping at China Telecom from numerous ThousandEyes vantage points all over the world. 


  They stated this: 


  “Traffic from Paris to www.google.com resolved to 216.58.204.132. While Google announces many /24 prefixes to cover its IP address range, this address was not covered by a /24 prefix. Instead, it was covered by a /19 prefix. We saw a suspicious announcement for 216.58.192.0/19 appear after about 12:45 pm PST with a convoluted AS path that included TransTelecom (AS 20485) in Russia, China Telecom (AS 4809) in China and MainOne (AS 37282), a small ISP in Nigeria. The traffic paths we saw mirrored the BGP AS Path, except all the traffic slammed into the great firewall, terminating at China Telecom edge router.”
  


   It was found out that the issue was a peering relationship between MainOne Cable Company, the Nigerian provider, and China Telecom. The issue seemed to have spread to other transit ISPs beside the first three. This stands to rule out any attack by malicious actors and also really points out the weaknesses of BGP.


   That was the news folks, have a good rest of the week and take it easy.


   ---Mad-Architect(RS)
   
01001001 00100000 01000001 01001101 00100000 01011010 01001111 01000100 01001001 01000001 01000011
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
Question News New Android Cookie-Stealing Malware Found Hijacking Facebook Accounts Mr.Kurd 0 319 03-13-2020, 11:15 AM
Last Post: Mr.Kurd
Tongue News Hackers are hijacking smart building access systems to launch DDoS attacks Mr.Kurd 0 465 02-02-2020, 08:09 PM
Last Post: Mr.Kurd
  News Suspected Capital One Hacker Requests Release: Mad-Architect 0 406 08-21-2019, 02:11 PM
Last Post: Mad-Architect
  News On-Going DNS Hijacking Operation: Mad-Architect 0 406 07-14-2019, 11:24 AM
Last Post: Mad-Architect
  News Large and Well Known Tech Giants Hacked: Chinese State Sponsored Actors Suspected Mad-Architect 0 364 06-28-2019, 10:16 AM
Last Post: Mad-Architect
  News Large Amount of European Traffic Oddly Re-routed Through China Telecom: Mad-Architect 0 407 06-08-2019, 01:24 PM
Last Post: Mad-Architect
  News MikroTik Routers Being Hijacked to Intercept Traffic Mad-Architect 0 539 09-05-2018, 02:07 PM
Last Post: Mad-Architect
  News Traffic sign near ICE headquarters hacked with “Abolish ICE” message Mr.Kurd 1 1,019 06-21-2018, 11:00 AM
Last Post: Legend



Users browsing this thread: 1 Guest(s)