Security of routing protocols: RIP, OSPF, BGP


Marsh Posté on 24-04-2004 at 18:10:41

I would like to know which protocol is the least vulnerable to the injection of false routing information.
Considering them in their latest versions, what are the respective vulnerabilities of RIP, OSPF and BGP?
They all have an authentication mechanism that makes it possible to be sure of the origin of the routing information, it seems to me?
What other characteristics can be identified?


Marsh Posté on 24-04-2004 at 19:34:32

up!


Marsh Posté on 27-04-2004 at 18:03:09

re up


Marsh Posté on 27-04-2004 at 18:27:40

flag


Marsh Posté on 27-04-2004 at 18:44:57

Are you interested in the subject? Do you already have any interesting sources of information?

I have done a bit of reading, but I don't want to go fully into the details. I have read quite a lot about how the protocols work, the new versions...
It's just to get an idea for a presentation...


Marsh Posté on 28-04-2004 at 17:30:47

frabill wrote:

I would like to know which protocol is the least vulnerable to the injection of false routing information.
Considering them in their latest versions, what are the respective vulnerabilities of RIP, OSPF and BGP?


the problems related to route injection attacks are perhaps due more to the implementations of these protocols than to the protocols themselves, aren't they?


Marsh Posté on 28-04-2004 at 21:31:50

Lutain wrote:

the problems related to route injection attacks are perhaps due more to the implementations of these protocols than to the protocols themselves, aren't they?


I think that is partly the case. But once the specifications have vulnerabilities / do not anticipate certain attacks, why would their implementations be secure?

I found an interesting site with tests, links and publications: http://www.cs.ucsb.edu/~rsg/Routing/index.html

I'm trying to form an idea from the whole mass of information presented there.


Marsh Posté on 15-06-2004 at 10:06:42

This is a small UP, but maybe you didn't get an answer.

I think OSPF is somewhat armed against this because it allows authentication for inter-router dialogue.


Marsh Posté on 15-06-2004 at 11:11:20

There is Secure BGP, but it's still only a draft, it seems to me...


Marsh Posté on 16-06-2004 at 15:20:03

here is what I had answered to the question (the information is taken from one or more documents, I would have to find them again if you are interested):
 
BGP
BGP (version 4) relies on TCP for exchanging routing information; this is a first weak point for
this protocol, as TCP has been proven to face security problems. BGP is exposed to different
threats: eavesdropping, replay, message insertion, message deletion, man-in-the-middle,
Denial of Service (DoS).
Thus malicious BGP packet manipulation can introduce errors in routing tables or overflow them.
We could suggest that this is due to three primary security related limitations of BGP:
• BGP does not protect the integrity, freshness and source authentication of messages.
• BGP does not validate an AS’s authority to announce reachability information.
• BGP does not ensure the authenticity of the path attributes announced by an AS.
Some solutions are being tested to avoid all these security problems. The main proposition,
Secure BGP (S-BGP), is a comprehensive solution to BGP security. It attempts to address the
majority of security issues defined before. The S-BGP protocol and its architecture are
currently under consideration for standardization by the IETF.
 
OSPF and RIP
Three intrinsic mechanisms of OSPF (version 2) make it very robust and resilient to failures,
even to some malicious attacks:
• Flooding and information least dependency
LSAs are propagated by flooding; the flooding algorithm is reliable, which ensures all routers
in the same area have the same topological database. Consider either a single point (router)
failure case or an intruder trying to fake or modify another router’s information: as long as there
is an alternate path, good routers can always receive the messages, though they could be
conflicting messages. This triggers an interesting phenomenon in OSPF: fight-back, where good routers
try to convince bad routers by continuing to send them correct information.
In a distance vector algorithm (e.g., RIP), each router sends only summarized information,
which consists of computational results based on reachability information from its neighbours. This
aggregate information has two implications. First, it is very hard for a router to validate the
information it receives; second, even if a router detects incorrect information, it is still
difficult to determine the source of the information.
By comparison, for a link state routing algorithm such as the one used in OSPF, each router
generates information about its local topology (e.g., its neighbours), and forwards such
information to other routers via flooding. This has several advantages: every router
independently possesses the entire topology information for the network and each router is
responsible only for its own local portion of the topology; as long as any of its neighbours is
honest, it can get raw independent information through one hop further.
• Hierarchical routing and information hiding:
The primary goal of hierarchical routing is to deal with routing scalability issues (reduce
routing table size, link bandwidth and router computing resources). But it has both robustness
and security advantages.
• Procedural checking and constraint:
The checking procedure for the OSPF protocol to accept a packet is rigorous. Generally, it must
pass three checking gates: IP checking, OSPF general checking, OSPF packet specific
checking.
However, OSPF has weaknesses. There are three fields, metrics, sequence number and age,
which are particularly vulnerable and therefore are the targets of usual attacks. However, with
Keyed-MD5 protection, most of these vulnerabilities could be eliminated except the age field.
RIP has been improved, as it incorporates an authentication mechanism in its version 2.
To conclude, we can say OSPF is the most resistant routing protocol to attacks trying to inject
faulty routing information. Then RIP (version 2) provides a security mechanism but, as a
distance vector based protocol, we can consider it is less secure than OSPF. The last one,
BGP, seems to have important weaknesses even if exploits have not been used until now.


Message edited by frabill on 16-06-2004 at 15:20:52
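
An added example (not part of the original thread, and not any router's own code) of the receive-side check behind the Keyed-MD5 protection mentioned in the last post, using the OSPFv2 cryptographic authentication layout of RFC 2328 Appendix D. The key, Router ID and payload bytes are constructed for illustration; NUL-padding of short keys and tracking the sequence number per Router ID are assumptions.

```python
import hashlib
import hmac
import struct

HDR = "!BBHIIHHHBBI"  # 24-byte OSPFv2 header, auth field laid out for AuType 2
AUTYPE_CRYPTO, DIGEST_LEN = 2, 16

def _digest(packet: bytes, key: bytes) -> bytes:
    # MD5 over the packet followed by the 16-byte key (assumed NUL-padded if shorter).
    return hashlib.md5(packet + key[:16].ljust(16, b"\x00")).digest()

def sign(body, router_id, area_id, key_id, key, seq, ptype=1):
    """Build an OSPFv2 packet and append its keyed-MD5 digest."""
    packet = struct.pack(HDR, 2, ptype, 24 + len(body), router_id, area_id,
                         0, AUTYPE_CRYPTO, 0, key_id, DIGEST_LEN, seq) + body
    return packet + _digest(packet, key)

def verify(wire, keys, last_seq):
    """Return 'accept' or the reason the packet is dropped."""
    if len(wire) < 24 + DIGEST_LEN:
        return "truncated"
    (_, _, length, router_id, _, _, autype,
     _, key_id, auth_len, seq) = struct.unpack(HDR, wire[:24])
    if autype != AUTYPE_CRYPTO or auth_len != DIGEST_LEN:
        return "wrong-auth-type"
    if len(wire) != length + DIGEST_LEN:
        return "bad-length"
    if key_id not in keys:
        return "unknown-key"
    # Hypothetical simplification: sequence state is tracked per Router ID.
    if seq < last_seq.get(router_id, 0):
        return "replayed"
    if not hmac.compare_digest(wire[length:], _digest(wire[:length], keys[key_id])):
        return "bad-digest"
    last_seq[router_id] = seq  # only authenticated packets advance the counter
    return "accept"

def demo():
    keys, last_seq = {1: b"constructed-key"}, {}
    body = struct.pack("!IH", 0x0A000000, 10)  # constructed payload: prefix + metric
    good = sign(body, 0x01010101, 0, 1, keys[1], seq=100)
    tampered = bytearray(good)
    tampered[29] ^= 0xFF  # metric byte changed in transit
    newer = sign(body, 0x01010101, 0, 1, keys[1], seq=101)
    return [verify(good, keys, last_seq), verify(bytes(tampered), keys, last_seq),
            verify(newer, keys, last_seq), verify(good, keys, last_seq)]

if __name__ == "__main__":
    print(demo())
```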