{"id":376,"date":"2014-03-17T17:00:35","date_gmt":"2014-03-17T17:00:35","guid":{"rendered":"http:\/\/www.ccrepairservices.com\/blog\/?p=376"},"modified":"2014-03-17T17:04:46","modified_gmt":"2014-03-17T17:04:46","slug":"google-dns-servers-suffer-brief-traffic-hijack","status":"publish","type":"post","link":"https:\/\/www.ccrepairservices.com\/blog\/computer-news\/google-dns-servers-suffer-brief-traffic-hijack\/","title":{"rendered":"Google DNS servers suffer brief traffic hijack"},"content":{"rendered":"<h2>Are security measures enabled?<\/h2>\n<div>\n<\/div>\n<p>Traffic to Google&#8217;s commonly used public DNS service was rerouted over the weekend, meaning all traffic with Domain Name System resolution queries destined for Google&#8217;s servers ended up at a Venezuelan network instead.<\/p>\n<p>UK telco BT&#8217;s Latin America division in Venezuela became the destination for the IP address range used by Google, in a phenomenon known as BGP (border gateway protocol) hijacking,\u00a0according to monitoring firm BGPmon.<\/p>\n<div>\n<p><img decoding=\"async\" alt=\"\" src=\"https:\/\/cdn.i.haymarket.net.au\/Utils\/ImageResizer.ashx?n=http%3a%2f%2fi.haymarket.net.au%2fNews%2fGoogle+DNS+BGPmon.png&amp;w=460&amp;c=0\" \/>\n<\/div>\n<p>The rerouting affected networks in that country and Brazil for 22 minutes, BGPMon said.<\/p>\n<p>Why BT Latin America was able to announce the incorrect traffic routing despite Google&#8217;s security measures to protect against hijacking\u00a0isn&#8217;t known. <em>iTnews <\/em>has put in queries with both BGPMon and BT LATAM.<\/p>\n<p>BGP traffic hijacking is on the rise, according to internet performance metrics analyst firm Renesys, which last year noted that over a period of two months, around 1500 IP address blocks were rerouted. Several were in Australia.<\/p>\n<p>Google&#8217;s 8.8.8.8 and 8.8.4.4 (IPv6: 2001:4860:4860::8888 and 2001:4860:4860::8844)\u00a0free public DNS resolvers were set up in 2009 with the aim to provide better performance for queries, as well as improved security.<\/p>\n<p>They are said to <span style=\"color: #0000ff;\"><span style=\"color: #0000ff;\">fully support DNSsec security policies<\/span><\/span> and validation, but it is not clear whether the routers for the servers&#8217; network support <span style=\"color: #0000ff;\"><span style=\"color: #0000ff;\">resource public key infrastructure (RPKI)<\/span> <\/span>for BGP.<\/p>\n<p>These security measures provide route origination authorization objects (ROAs) that specify which autonomous systems can announce routes for certain IP address prefixes<\/p>\n<p>A query by <em>iTnews<\/em> at whois.bgpmon.net for the ROA for the<span style=\"color: #00ff00;\"> <a class=\"linkification-ext\" title=\"Linkification: https:\/\/8.8.8.0\/24\" href=\"https:\/\/8.8.8.0\/24\">8.8.8.0\/24<\/a><\/span> network range did not produce any result, suggesting there is no policy in place to prevent BGP hijacking through wrong unauthorized announcements.<\/p>\n<p>Google&#8217;s free and open DNS infrastructure is very popular with users around the world. Last year, Google said its public DNS servers answer 130 to 150 billion queries a day from 70 million unique IP addresses.<\/p>\n<p>Similar large numbers were seen in a test by Geoff Huston at the Asia-Pacific Network Information Centre (APNIC) using just under 2.5 million clients. That test\u00a0showed\u00a07.2 percent had queries passed on to authoritative name servers from Google&#8217;s DNS service.<\/p>\n<p>&nbsp;<\/p>\n<h1 style=\"text-align: center;\"><span style=\"color: #00ff00;\"><span style=\"text-decoration: underline;\">Please visit<\/span> <a title=\"computer repair and online news viruses threats malware screen repair and much more\" href=\"https:\/\/ccrepairservices.com\">ccrepairservices.com<\/a><\/span><\/h1>\n<h1 style=\"text-align: center;\"><span style=\"color: #ff6600;\"> for latest computer repair and online news.<\/span><\/h1>\n<h2 style=\"text-align: center;\"><span style=\"color: #993300;\">Local and Online Virus removal and computer repairs anytime, anywhere<\/span><\/h2>\n","protected":false},"excerpt":{"rendered":"<p>Are security measures enabled? Traffic to Google&#8217;s commonly used public DNS service was rerouted over the weekend, meaning all traffic with Domain Name System resolution queries destined for Google&#8217;s servers ended up at a Venezuelan network instead. UK telco BT&#8217;s Latin America division in Venezuela became the destination for the IP address range used by Google, in a phenomenon known as BGP (border gateway protocol) hijacking,\u00a0according to monitoring firm BGPmon. The rerouting affected networks in that country and Brazil for 22 minutes, BGPMon said. Why BT Latin America was able to announce the incorrect traffic routing despite Google&#8217;s security measures to protect against hijacking\u00a0isn&#8217;t known. iTnews has put in queries with both BGPMon and BT LATAM. BGP traffic hijacking is on the rise, according to internet performance metrics analyst firm Renesys, which last year noted that over a period of two months, around 1500 IP address blocks were rerouted. Several were in Australia. Google&#8217;s 8.8.8.8 and 8.8.4.4 (IPv6: 2001:4860:4860::8888 and 2001:4860:4860::8844)\u00a0free public DNS resolvers were set up in 2009 with the aim to provide better performance for queries, as well as improved security. They are said to fully support DNSsec security policies and validation, but it is not clear whether [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[568,575,220,570,569,19,566,574,32,572,565,573,110,105,567,147,86,571,451,405,7,148],"class_list":["post-376","post","type-post","status-publish","format-standard","hentry","category-computer-news","tag-8-8-8-8","tag-compromised-network","tag-computer","tag-computer-bulletin","tag-computer-related-news","tag-computer-repair","tag-dns","tag-dns-hacked","tag-fort-lauderdale","tag-fort-lauderdale-computer-news","tag-google","tag-google-news","tag-hacked","tag-hackers","tag-hijack","tag-latest-computer-news","tag-news","tag-online-bulletin","tag-online-news","tag-repairs","tag-virus","tag-viruses"],"_links":{"self":[{"href":"https:\/\/www.ccrepairservices.com\/blog\/wp-json\/wp\/v2\/posts\/376","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.ccrepairservices.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.ccrepairservices.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.ccrepairservices.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.ccrepairservices.com\/blog\/wp-json\/wp\/v2\/comments?post=376"}],"version-history":[{"count":4,"href":"https:\/\/www.ccrepairservices.com\/blog\/wp-json\/wp\/v2\/posts\/376\/revisions"}],"predecessor-version":[{"id":380,"href":"https:\/\/www.ccrepairservices.com\/blog\/wp-json\/wp\/v2\/posts\/376\/revisions\/380"}],"wp:attachment":[{"href":"https:\/\/www.ccrepairservices.com\/blog\/wp-json\/wp\/v2\/media?parent=376"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.ccrepairservices.com\/blog\/wp-json\/wp\/v2\/categories?post=376"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.ccrepairservices.com\/blog\/wp-json\/wp\/v2\/tags?post=376"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}