Adam KOSTULAK

University of Gdansk Gdansk, Poland

Abstract

IP packet routing processes are a key element of Internet communication. The task of the routing mechanisms is to choose the optimal packet route. Optimizing the choice of the route from the sender to the recipient requires adjusting many factors such as availability, delay, efficiency or route length. The appropriate algorithms used in the implementation of individual routing protocols are responsible for this. The most popular protocols for dynamic routing of autonomous systems in wired networks include RIP and EIGRP – protocols based on the distance-vector algorithm as well as OSPF and IS-IS – link state protocols. BGP,  path-vector based routing protocol, is the basis of the modern Internet.  Due to the dynamics of changes in the topology of network structures, it is necessary for routers to periodically broadcast information needed to carry out routing processes. This information is vulnerable to various security threats. The paper analyzes the security threats of selected dynamic routing protocols. A review of current methods of managing computer networks showed the widespread use of dynamic routing protocols, which use only authentication  mechanisms as security, often appearing as mandatory in newer versions of these protocols. The paper draws attention to the vulnerability of authenticated routing broadcasts to spoofing, eavesdropping and denial of service (DoS) attacks. Methods of protection against this attacks are presented, taking into account the integrity of routing table updates broadcast by routers.

Keywords: Routing protocols, RIP, OSPF, IS-IS, BGP, TCP/IP protocol stack, Network security
Shares