How easy is this to pull off?
- You can use a shady ISP
- You can BE a shady ISP
- You can work at an ISP and be shady
But even given none of the above, "mistakes" happen.
- Even top-tier ISPs can be socially engineered into forgetting to use proper BGP filters
- There is an inversely proportional relationship between the size of a customer and the ease of filtering
- ISPs tend to believe their peers
- Top tiers are focused on mitigating DDoS and worm attacks, and typically don't consider a 15-minute "misconfiguration" to be a security problem.