iTnews

Google DNS servers suffer brief traffic hijack

By Juha Saarinen on Mar 17, 2014 8:13AM
Google DNS servers suffer brief traffic hijack

Are security measures enabled?

Traffic to Google's commonly used public DNS service was rerouted over the weekend, meaning traffic with Domain Name System resolution queries destined for Google's servers ended up at a Venezuelan network instead.

UK telco BT's Latin America division in Venezuela became the destination for the IP address range used by Google, in a phenomenon known as BGP (border gateway protocol) hijacking, according to monitoring firm BGPmon.

The rerouting affected networks in that country and Brazil for 22 minutes, BGPMon said.

Why BT Latin America was able to announce the incorrect traffic routing despite Google's security measures to protect against hijacking isn't known. iTnews has put in queries with both BGPMon and BT LATAM.

BGP traffic hijacking is on the rise, according to internet performance metrics analyst firm Renesys, which last year noted that over a period of two months, around 1500 IP address blocks were rerouted. Several were in Australia.

Google's 8.8.8.8 and 8.8.4.4 (IPv6: 2001:4860:4860::8888 and 2001:4860:4860::8844) free public DNS resolvers were set up in 2009 with the aim to provide better performance for queries, as well as improved security.

They are said to fully support DNSsec security policies and validation, but it is not clear whether the routers for the servers' network support resource public key infrastructure (RPKI) for BGP.

These security measures provide route origination authorisation objects (ROAs) that specify which autonomous systems can announce routes for certain IP address prefixes

A query by iTnews at whois.bgpmon.net for the ROA for the 8.8.8.0/24 network range did not produce any result, suggesting there is no policy in place to prevent BGP hijacking through wrong unauthorised announcements.

Google's free and open DNS infrastructure is very popular with users around the world. Last year, Google said its public DNS servers answer 130 to 150 billion queries a day from 70 million unique IP addresses.

Similar large numbers were seen in a test by Geoff Huston at the Asia-Pacific Network Information Centre (APNIC) using just under 2.5 million clients. That test showed 7.2 percent had queries passed on to authoritative nameservers from Google's DNS service.

Google Australia was asked for comment on the rerouting of its DNS service, but has yet to respond to iTnews.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:
bgpdnsgoogleroaroutingrpkitelco/isp

Partner Content

Alienated from your own data? You’re not alone
Promoted Content Alienated from your own data? You’re not alone
Why you can’t miss Australia’s premiere IoT Conference on 9th June
Promoted Content Why you can’t miss Australia’s premiere IoT Conference on 9th June
Top 5 Benefits of Managed IT Services
Promoted Content Top 5 Benefits of Managed IT Services
5 essential digital transformation ideas
Promoted Content 5 essential digital transformation ideas

Sponsored Whitepapers

Planning before the breach: You can’t protect what you can’t see
Planning before the breach: You can’t protect what you can’t see
Beyond FTP: Securing and Managing File Transfers
Beyond FTP: Securing and Managing File Transfers
NextGen Security Operations: A Roadmap for the Future
NextGen Security Operations: A Roadmap for the Future
Video: Watch Juniper talk about its Aston Martin partnership
Video: Watch Juniper talk about its Aston Martin partnership
Don’t pay the ransom: A three-step guide to ransomware protection
Don’t pay the ransom: A three-step guide to ransomware protection

Events

  • iTnews Benchmark Awards 2022 - Finalist Showcase
  • 11th Annual Fraud Prevention Summit 2022
  • IoT Impact Conference
  • Cyber Security for Government Summit
By Juha Saarinen
Mar 17 2014
8:13AM
0 Comments

Related Articles

  • Telstra routing flub affects hundreds of networks worldwide
  • Russia says it's not planning to block YouTube
  • Optus repeats calls for OTT services to pay more
  • EU's Vestager assessing if tech giants should share telcos' costs
Share on Twitter Share on Facebook Share on LinkedIn Share on Whatsapp Email A Friend

Most Read Articles

Kmart Australia stands up consent-as-a-service platform

Kmart Australia stands up consent-as-a-service platform
NSW digital driver's licences 'easily forgeable'

NSW digital driver's licences 'easily forgeable'
Kmart Australia re-platforms ecommerce site to AWS

Kmart Australia re-platforms ecommerce site to AWS
NBN Co's 250Mbps and gigabit growth is finally clear

NBN Co's 250Mbps and gigabit growth is finally clear

Digital Nation

Case Study: PlayHQ leverages graph technologies for sports administration
Case Study: PlayHQ leverages graph technologies for sports administration
As NFTs gain traction, businesses start taking early bets
As NFTs gain traction, businesses start taking early bets
Metaverse hype will transition into new business models by mid decade: Gartner
Metaverse hype will transition into new business models by mid decade: Gartner
The other ‘CTO’: The emerging role of the chief transformation officer
The other ‘CTO’: The emerging role of the chief transformation officer
COVER STORY: From cost control to customer fanatics, AI is transforming the contact centre
COVER STORY: From cost control to customer fanatics, AI is transforming the contact centre
All rights reserved. This material may not be published, broadcast, rewritten or redistributed in any form without prior authorisation.
Your use of this website constitutes acceptance of nextmedia's Privacy Policy and Terms & Conditions.