Pakistan/YouTube incident: how common is hijacking

Chief Scientist at RIPE NCC, the European registry for Internet addresses, looks at what happened during Pakistan Telecom's hijacking of YouTube

When Pakistan Telecom blocked YouTube's traffic one Sunday evening in February, the ISP created an international incident that wreaked havoc on the popular video site for more than two hours.

RIPE NCC, the European registry for Internet addresses, has conducted an analysis of what happened during Pakistan Telecom's hijacking of YouTube's traffic and the steps that YouTube took to stop the attack.

We posed some questions to RIPE NCC's Chief Scientist Daniel Karrenberg about the YouTube incident. Here's what he had to say:

How frequently do hijacking incidents like the Pakistan Telecom/YouTube incident happen?

Misconfigurations of iBGP (internal BGP, the protocol used between the routers in the same Autonomous System) happen regularly and are usually the result of an error. One such misconfiguration caused the Pakistan Telecom/YouTube incident. It appears that the Pakistan Telecom/YouTube incident was not an "attack" as some have labeled it, but a configuration error.

What is significant about the YouTube incident?

This incident was significant simply because it affected a prominent Internet service and therefore caught the public's attention.

Your analysis shows that YouTube reacted 80 minutes after the attack and that the attack was over after about two hours. Can you put that timeframe in context? Is that fast or slow?

This is normal, perhaps on the quick side.

What could YouTube have done to stop the attack sooner?

Nothing. It's also worth noting, though, that if everyone were to announce /24s [relatively small blocks of address space], it would present a serious problem for the Internet routing system.

Is there any technology or standard on the horizon -- possibly DNS Security or Secure BGP -- that could help prevent these types of attacks?

Securing BGP certainly offers a solution for this attack. However, much could be done today without new technology if ISPs configured BGP properly.

Are other US Web sites vulnerable to a similar type of attack?

Yes.

What can network managers do to prevent or minimize these types of attacks?

Network managers should do what they can to ensure that their ISPs and peers configure BGP properly.

Can I get more information about RIPE's Routing Information Service tools that were used to observe this event? Are these tools available to enterprise network managers? How much do they cost?

There's a full introduction to RIPE NCC's Routing Information Services available. But in short, the tools are free to use, and the service is financed by the RIPE NCC membership for the benefit of the whole Internet community.

What about the BGPlay visualization tool (mentioned in the case study)? Is that available, too? How much does it cost?

Yes, BGPlay is available publicly and can be used free of charge. For more information, see this site.

Your case study mentions that the RIPE community is discussing the introduction of digital certificates for Internet number resources. How would this help avoid this type of attack? What is the status of that roll-out?

Certification, in this context, would be an enhancement for good BGP configuration. Discussions about the adoption of certification in the RIPE NCC service region are still being conducted, led by the RIPE Certification Task Force. More information on this task force, and on certification in general, is available at here.

Some decisions in this area are due to be made at RIPE 56 meeting in Berlin in May 2008.

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Carolyn Duffy Marsan

Network World
Show Comments

Cool Tech

Toys for Boys

Family Friendly

Stocking Stuffer

SmartLens - Clip on Phone Camera Lens Set of 3

Learn more >

Christmas Gift Guide

Click for more ›

Brand Post

Bitdefender 2019

This Holiday Season, protect yourself and your loved ones with the best. Buy now for Holiday Savings!

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Aysha Strobbe

Microsoft Office 365/HP Spectre x360

Microsoft Office continues to make a student’s life that little bit easier by offering reliable, easy to use, time-saving functionality, while continuing to develop new features that further enhance what is already a formidable collection of applications

Michael Hargreaves

Microsoft Office 365/Dell XPS 15 2-in-1

I’d recommend a Dell XPS 15 2-in-1 and the new Windows 10 to anyone who needs to get serious work done (before you kick back on your couch with your favourite Netflix show.)

Maryellen Rose George

Brother PT-P750W

It’s useful for office tasks as well as pragmatic labelling of equipment and storage – just don’t get too excited and label everything in sight!

Cathy Giles

Brother MFC-L8900CDW

The Brother MFC-L8900CDW is an absolute stand out. I struggle to fault it.

Luke Hill

MSI GT75 TITAN

I need power and lots of it. As a Front End Web developer anything less just won’t cut it which is why the MSI GT75 is an outstanding laptop for me. It’s a sleek and futuristic looking, high quality, beast that has a touch of sci-fi flare about it.

Emily Tyson

MSI GE63 Raider

If you’re looking to invest in your next work horse laptop for work or home use, you can’t go wrong with the MSI GE63.

Featured Content

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?