Israel Institute of Technology
Open Shortest Path First (OSPF) is the most widely deployed interior gateway routing protocol on the internet. The authors present two new attacks on OSPF that expose design vulnerabilities in the protocol specification. These new attacks can affect routing advertisements of routers not controlled by the attacker while evading the OSPF self-defense \"Fight-back\" mechanism. By exploiting these vulnerabilities an attacker can persistently falsify large portions of the routing domain's topology thereby giving the attacker control over how traffic is routed in the domain.