Google Public DNS Servers Hijacked on 16th March 2014

Google Public DNS Servers i.e., 8.8.8.8 (which are running in Anycast mode) was hijacked on 16th of March 2014 for the Internet users of Venezuela and Brazil for nearly 22 mins.

Google's Public DNS servers are used for "130 billion DNS queries on average (peaking at 150 billion) from more than 70 million unique IP addresses each day." This makes Google most popular Public DNS service in the Internet world.
It is suspected that Hackers exploited a well-know vulnerability in Border Gateway Protocol. There is no-way in BGP to check if particular IP address segment belongs to a particular ISP.
RPKI and BGPSEC are the solution of this flaw but these two protocols are still in initial phase and lot or works needs to be done on these protocols.

In this particular case, attack kept users from using the internet but no malicious activity has been traced till yet. No redirection of DNS traffic to rogue servers has been traced.
This lead to suspect that someone might have mis-configured the router which leads to an announcement of 8.8.8.0/24 segment from AS7908 (BT AS number) instead of AS15169 (Google AS number).

This is not the first time that Google DNS Server was hijacked. Previously in 2010 also, it has been Hijacked and traffic was redirected to Romania & Austria.

We still don't know what exactly has happened. We are waiting for an official announcement from Google (if they ever make the same). But this lead to show that how much vulnerable we are in the Internet world even today.

Availability of 5 GHz WLAN Channels in India under unlicensed band

Availability of 5 GHz WLAN Channels in India under unlicensed band In India, Wireless Planning and Coordination Wing of Department of Telecom, under Ministry of Communication takes care of licensing of radio frequencies. In the latest National Frequency allocation plan 2018 (https://dot.gov.in/sites/default/files/NFAP%202018.pdf), Government of India (GoI), exempted the licensing requirements of the following radio frequency ranges for wireless usage and a gazette notification has also published for this (https://dot.gov.in/sites/default/files/License%20Exemption%20in%205%20GHz%20G_S_R_1048%28E%29%20dated%2022nd%20October%2C%202018_0.pdf) -- 1. 5150-5250 2. 5250-5350 3. 5470-5725 4. 5725-5875 References

Identity PSK ( iPSK)

With the evolution of IoT (Internet of Things), devices that connect wirelessly have increased many folds. From webcams, Smartwatches, fitness bands, firestick, Alexa, Google Home, and many more.., everything is going wireless for connectivity and so does the security threat. The main concern with IoT devices is the unavailability of the full wireless protocol stack (and in the majority of devices, support of 802.1x is not available). So, previously we only have the WPA-PSK option for connecting the IoT devices. In WPA*-PSK (WPA or WPA2) WLAN, a Pre-Shared Key (PSK) is configured and distributed to all the clients that connect to the WLAN. This leads to PSK leakage, and it can be accessible to unauthorized users (due to the nature of common PSK across all the devices). Therefore, there was a need to provision unique PSK or Multiple PSK per SSID. Identity-PSKs are unique pre-shared keys created for clients/groups on the same WLAN. Features of iPSK:- 1.Unique PSK for individual Cli

Summary report of APNIC 55 (APRICOT 2023) Meeting held in Manila, Philippines

APNIC Logo The APNIC 55 meeting was held in Manila, Philippines from 20th Feb to 02nd March 2023. The meeting was hosted by PhNOG, The Philippine Network Operators Group (PhNOG) and supported by DOST- Advanced Science and Technology Institute. Every year, APNIC conferences are held twice, the first of each year is held in conjunction with APRICOT and the second one is a standalone conference. The last such meeting held in India was in 2012, APNIC 33 (which was in conjunction with APRICOT 2012). APNIC 55 meeting was unique in multiple senses – i. Firstly, because of the possibility of potential hijack [1] [2][3] of the APNIC Executive Council by Cloud Innovation Ltd. / Larus foundation / NRS, the same organizations which have dragged AFRINIC (RIR for African Continent) into the Mauritius supreme court and at one point nearly halted the AFRINIC operations by getting its bank accounts frozen (over 25 lawsuits have been filed against AFRINIC by Cloud Innovation Ltd.). Number

Gaurav Kansal Blog

Search This Blog