Do the following questions from Chapter 4 of the text, but don't hand them in. Answers will be discussed in section on Thursday.

• 20, 22, 31, 36

Read the following sections of the cited papers. (You're not prohibited from reading other sections of these papers, or other references you find, but none of that should be required to answer the questions.)

Note that these papers were not written specifically for students whose exposure to networking was limited to the the first four chapters of the text, so it shouldn't be surprising, or upsetting, to encounter some sentences and terms that don't mean much to you. My reading of them, keeping in mind what material we've covered and what we haven't, is that you should be able to extract the main points without too much trouble, even if you have to skip over some small pieces from time to time.

• R. Mahajan, D. Wetherall, and T. Anderson. Understanding BGP Misconfiguration. Proc. ACM SIGCOMM 2002.
  Abstract; Sections 1-3, 8, 9, skim 4-5 to get an idea of the frequency at which problems occurred.

• J. Karlin, S. Forrest, and J. Rexford. Pretty Good BGP: Improving BGP by Cautiously Adopting Routes. Proc. Intl. Conf. on Network Protocols, Nov. 2006.
  Abstract; Sections 1, 2

• A. Ramachandran, N. Feamster. Understanding the Network-Level Behavior of Spammers. Proc. ACM SIGCOMM 2006.
  Abstract; Sections 1, 2, 3.1, 3.4, 6

Answer the following questions. Hand in your answers in class on Monday.

Question 1

The papers all talk about problems that can caused by errors in BGP, whether produced unintentionally or intentionally. Summarize briefly what those problems are. What symptoms, if any, would an end user (say, someone surfing the web) possibly notice for each?

A plausible implication of the observations made in the papers is that the manner in which IP prefixes are handed out and attached to the Internet exacerbates the potential problems with BGP. In particular, there is no simple way for one AS to do a sanity check on what it hears from another.

Consider trying to address that by imposing some restrictions on where prefixes could appear. For instance, as an extreme, suppose that they followed land-line telephone numbering, in the sense that a portion of a prefix would tell you something about a region in which the address must fall (much like area code and exchange for phone numbers).

Briefly discuss the trade-offs involved in this. How does it help insulate one AS from mistakes made by another? What does it make worse/harder?

What kinds of attacks can an adversary (more successfully) launch if it is able to perform BGP hijacking?

If you find yourself interested in this topic, I suggest the following additional reading:

• S. Murphy. BGP Security Vulnerabilities Analysis, RFC 4271, Jan. 2006.
  (This can be quite heavy going, at least after the introduction.)

• C. Kruegel, D. Mutz, W. Robertson, and F. Valeur. Topology-based detection of anomalous BGP messages. Proc. Symp. on Recent Advances in Intrusion Detection, Sept. 2003.