ricky l
Hm, these hackers seem to exploit the vulnerabilities of BGP by hijacking the connection point.
Let us analyse how BGP routing connectivity works.
(1) We have to specify the source AS (Autonomous System).
- router bgp 300
(2) Next we specify the neighbor router IP address and remote AS.
- neighbor 99.99.99.99 remote-as 100
(3) Then we have to specify the password for connectivity to neighbor route
- neighbor 99.99.99.99 password xxxxxx
(no need to mention other bgp configuration works).
Wonder how does the hacker know :-
(1) the source AS number
(2) the neighbor remote AS number
(3) both source and neighbor bgp password
ricky l
Also if the source and destination BGP connection link are configured with IPSec VPN -
- crypto isakmp policy ....
- crypto isakmp key ....
- access-list 999 ip permit ....
- crypto ipsec transform-set .... ah-esp
- crypto map ......
- int serial0/0
- crypto map xxxx
- using strong symmetrical or asymmetrical keys -
- easy to crack meh?
ricky l
Also if need to hijack the BGP, I thought the hacker needs to hijack, access and login to the ISP router first.
The ISP router will have to be authenticated first via RADIUS authentication to verify the credential from an authorised machine and then access via SSH from that authorised, authenticated machine using strong encryption key.
In this case, how does the hacker manage to hijack the BGP when it is not even able to access both the authorised machine for access much less the router?
ricky l
A strong ssh (secure shell) to access the ISP router :-
(1) by configuring a ssh keypair-name to access router.
(2) by restricting the number of authentication retries - say 3 retries
(3) by logging suspected hacking events.
(4) by setting a quick time-out of a few seconds where hacker has very little time to hack.
(5) by configuring ssh v2 - a strong secure protocol
(6) by generating a very strong key.
How does a hacker hijack this ssh keypair and crack the ssh key to hack?
eg.
ip ssh authentication-retries 99
ip ssh logging events
ip ssh rsa keypair-name dkfj.dfdfd.ffdf
ip ssh time-out 99
ip ssh version 2
crypto key generate rsa general-keys modulus 99999
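Added example, not part of the original comment or of any vendor tooling: a small Python check that reads a list of IOS-style SSH commands like the ones in the comment above and reports which of the six listed hardening points are missing or weak. The retry limit of 3 is taken from the comment; the 30-second time-out ceiling, the 2048-bit minimum modulus, the key label SSH-KEY and both sample command lists are assumptions constructed for illustration.

```python
import re

MAX_RETRIES = 3      # from the comment: "say 3 retries"
MAX_TIMEOUT_S = 30   # assumption: ceiling for a "quick time-out"
MIN_RSA_BITS = 2048  # assumption: smallest acceptable RSA modulus
# One pattern per hardening point; each captures the value that was set.
PATTERNS = {
    "keypair": r"ip ssh rsa keypair-name (\S+)$",
    "retries": r"ip ssh authentication-retries (\d+)$",
    "logging": r"ip ssh logging (events)$",
    "timeout": r"ip ssh time-out (\d+)$",
    "version": r"ip ssh version (\d+)$",
    "modulus": r"crypto key generate rsa .*\bmodulus (\d+)$",
}

def audit_ssh(commands):
    """Return one finding per hardening point that is absent or too weak."""
    s = {}
    for line in map(str.strip, commands.splitlines()):
        for key, pattern in PATTERNS.items():
            m = re.match(pattern, line)
            if m:
                s[key] = m.group(1)  # a later line overrides an earlier one
    num = lambda key: int(s[key]) if key in s else None
    checks = [
        ("keypair", "keypair" in s, "no named RSA keypair bound to SSH"),
        ("retries", num("retries") is not None and num("retries") <= MAX_RETRIES,
         f"authentication retries unset or above {MAX_RETRIES}"),
        ("logging", "logging" in s, "SSH event logging not enabled"),
        ("timeout", num("timeout") is not None and num("timeout") <= MAX_TIMEOUT_S,
         f"time-out unset or above {MAX_TIMEOUT_S}s"),
        ("version", num("version") == 2, "SSH version 2 not enforced"),
        ("modulus", num("modulus") is not None and num("modulus") >= MIN_RSA_BITS,
         f"RSA modulus unset or below {MIN_RSA_BITS} bits"),
    ]
    return [f"{name}: {msg}" for name, ok, msg in checks if not ok]

# Constructed sample inputs (not taken from any real device).
WEAK = """ip ssh authentication-retries 5
ip ssh time-out 120
crypto key generate rsa general-keys modulus 1024"""
HARDENED = """ip ssh authentication-retries 3
ip ssh logging events
ip ssh rsa keypair-name SSH-KEY
ip ssh time-out 30
ip ssh version 2
crypto key generate rsa general-keys label SSH-KEY modulus 4096"""
for name, cfg in (("WEAK", WEAK), ("HARDENED", HARDENED)):
    print(name, audit_ssh(cfg) or "all six points satisfied")
```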
ricky l
The PM said on National Day eve :-
"You are talented, passionate and confident.
You deserve to chase your dreams and be the best that you can be.
We will also help you upgrade yourselves while you work.
We will help you to master specialised skills, and earn advanced qualifications as you progress in your careers.
Helping every one of you achieve your potential is not just a matter of continuing education and training. It is also a matter of social values. As Singaporeans, we must judge a person not just by his educational qualifications, but also by his skills, contributions and character. This is how we keep Singapore a land of hope and opportunity for all."
I have all the above attributes as described above :-
I am talented, passionate and confident.
I deserve to chase my dreams and be the best that I can be.
I upgrade myself through my own effort.
I have mastered many specialised skills.
I have educational qualifications, I also have skills, contributions and character. But I am an unemployed mature PMET.
I just need a job - and I know my contribution will be immense. - I can definitely play a part to take full advantage of technology to transform ourselves into an IT City, a Smart Nation.
OmnipotentWizard
You do realise that (a) no one is reading your posts, and (b) people running the ISPs have better security experience than you.
ricky l
Down here we are sharing experience how to protect a virtual financial system - and you come here and talk nonsense.
ricky l
ISP experience is not good enough - because they are providing and provisioning computing resources and bandwidth to customers.
You will need enterprise IT experience.
You will also need designing IT for financial system - that are protecting money from being hacked and stolen.
That's why - your novice comments are a giveaway that you are a novice in this domain but yet talking nonsense.
ricky l
And the experience shared - can make Bitcoin safer - so that people will not lose money through hacking.
And you come here and talk nonsense - and prevent people from making the system better.
So are you a devil or messiah?
ricky l
To make the system foolproof :-
(1) the authorised machine for logging into the ISP routers to make config changes should not be able to access remotely.
(2) Configuration Security Manager should be used to make configuration changes to routers - and any changes through remote login will not be successful as the CSM will disallow config changes and will maintain authorised configuration version only.
Thus no way for hackers to make BGP hijack from internet that are done remotely.
ricky l
The best IT expertise have been deployed in protecting the banking / financial system, the Government, the Home Affairs and Defense.
But seems like the Bitcoin Virtual Financial System - are not accorded the same accolade - and thus are "soft target" for hackers - to steal hard money through virtual currency.