BGP

Question 1

What defines an Autonomous System (AS)?

Answer 1

A collection of IP prefixes under a single administrative entity with a common routing policy.

Question 2

Name types of BGP routing attacks.

Answer 2

Blackholing, redirection, instability, prefix hijacking.

Question 3

What is prefix hijacking?

Answer 3

Announcing unauthorized prefixes to redirect or drop traffic.

Question 4

What causes BGP security issues?

Answer 4

Lack of authentication, misconfigurations, and susceptibility to eavesdropping and manipulation.

Question 5

How can BGP threats be mitigated?

Answer 5

Neighbor authentication, TTL checks, prefix restrictions, and access control lists (ACLs).

Question 6

What is Secure BGP (S-BGP)?

Answer 6

A system where nodes sign announcements to authenticate paths.

Question 7

How does BGPSec enhance BGP security?

Answer 7

By digitally signing AS path updates and leveraging RPKI for origin validation.

Question 8

What is Resource Public Key Infrastructure (RPKI)?

Answer 8

A PKI mapping AS numbers and IP prefixes to public keys for secure announcements.

Question 9

What is a DoS attack? (Denial of Service)

Answer 9

Overwhelming a victim with traffic to deny legitimate access.

Question 10

How can spoofing be prevented?

Answer 10

Using BCP 38, ingress filtering, source address validation, and IP traceback.

Question 11

What is the Mirai botnet?

Answer 11

Malware that infects vulnerable IoT devices, turning them into a network used to launch large-scale distributed denial-of-service (DDoS) attacks, often exploiting weak passwords and outdated firmware.

Question 12

What are IP traceback methods?

Answer 12

Logging, input debugging, controlled flooding, and marking.