Homework 4
Out: Monday November 7
Due: Monday November 14 (and Thursday November 10)
Do the following questions from Chapter 4 of the text,
but don't hand them in. Answers will be
discussed in section on Thursday.
Read the following sections of the cited papers. (You're not prohibited
from reading other sections of these papers, or other references you find,
but none of that should be required to answer the questions.)
Note that these papers were not written specifically for students whose
exposure to networking was limited to the first four chapters of the
text, so it shouldn't be surprising, or upsetting, to encounter some sentences
and terms that don't mean much to you. My reading of them, keeping in mind
what material we've covered and what we haven't, is that you should be able
to extract the main points without too much trouble, even if you have to skip
over some small pieces from time to time.
- R. Mahajan, D. Wetherall, and T. Anderson.
Understanding BGP Misconfiguration.
Proc. ACM SIGCOMM 2002.
Abstract; Sections 1-3, 8, 9, skim 4-5 to get an idea of the frequency at which problems occurred.
- J. Karlin, S. Forrest, and J. Rexford.
Pretty Good BGP: Improving BGP by Cautiously
Adopting Routes.
Proc. Intl. Conf. on Network Protocols, Nov. 2006.
Abstract; Sections 1, 2
- A. Ramachandran, N. Feamster.
Understanding the Network-Level Behavior of Spammers.
Proc. ACM SIGCOMM 2006.
Abstract; Sections 1, 2, 3.1, 3.4, 6
Answer the following questions.
Hand in your answers in class on Monday.
Question 1
The papers all talk about problems that can be caused by errors in BGP, whether
produced unintentionally or intentionally. Summarize briefly
what those problems are. What symptoms, if any,
would an end user (say, someone surfing
the web) possibly notice for each?
Question 2
A plausible implication of the observations made in the papers is that
the manner in which IP prefixes are handed out and attached to the Internet
exacerbates the potential problems with BGP. In particular, there is
no simple way for one AS to do a sanity check on what it hears from another.
Consider trying to address that by imposing some restrictions on where prefixes
could appear. For instance, as an extreme, suppose that they followed land-line
telephone numbering, in the sense that a portion of a prefix would tell you
something about a region in which the address must fall (much like area code
and exchange for phone numbers).
Briefly discuss the trade-offs involved in this. How does it help insulate one
AS from mistakes made by another? What does it make worse/harder?
Question 3
What kinds of attacks can an adversary (more successfully) launch if it
is able to perform BGP hijacking?
If you find yourself interested in this topic, I suggest the following
additional reading: