BGP software • BGP Utilities • BGP Attack Tree Development and testing

A BGP MiTM attack can redirect traffic from major networks such as Google or Facebook to some custom ISP network.

This exact use case was presented a few years back at DEF CON 16 in a presentation titled “Stealing The Internet, An Internet-Scale Man In The Middle Attack”. In it, the presenters, Tony Kapela and Alex Pilosov, demonstrated how one can launch a man-in-the-middle attack using CIAG BGP tools and redirect traffic for any destination from any location in the world just by introducing some new BGP announcements, while staying relatively stealthy.

| Tools | Description | Associated CIAG Project | Download |
|---|---|---|---|
| Cisco LMS 4.1 | Active network lifecycle management solution | Network monitoring | ospfmon.com |
| BGP Leak checker | | Serial SCADA Protection | On-Line Tool ospfmon.com |
| BGP Test Tools | Full package of the following tools used to test BGP vulnerabilities | BGP Attack Tree Development and testing | ciag-bgp-tools-1.00.tar.gz |
| BGP Password Cracker | libpcap-based RFC 2385 password cracker | BGP Attack Tree Development and testing | bgpcrack-2.1.tar.gz |
| TCP Testing Tool | Blind sequence number guessing, RFC 2385 message generation and general purpose TCP test tool | BGP Attack Tree Development and testing | ttt-1.3.tar.gz |
| TCP Hijack Tool | Simple proof of concept tool for injecting spoofed UPDATEs | BGP Attack Tree Development and testing | tcphijack-1.1.tar.gz |
| Modbus Firewall | A Linux 2.4.x Netfilter extension that permits filtering decisions (DROP, REJECT, etc.) based on application-layer values, allowing finer-grained access control for the Modbus/TCP protocol | Modbus Firewall | http://modbusfw.sf.net |
| LOKI | A Python-based framework implementing many packet generation modules for Layer 3 protocols, including BGP, LDP, OSPF, VRRP and quite a few others | BGP Attack Tree Development and testing | loki-0.2.7.exe |