On Sat, Aug 16, 2008 at 6:41 PM, Johan Beisser <[EMAIL PROTECTED]> wrote: > On Sat, Aug 16, 2008 at 2:33 PM, Travers Buda <[EMAIL PROTECTED]> wrote: > >> Are they protecting DefCon from the internet or the internet from DefCon? > > Does it have to be one or the other?
I went to a talk called "stealing the internet" - it was added the last day. Using BGP the presenters were able to hijack the defcon /24 ip range and route it to their server in New York. Normally that's the end of it - just another DOS. The new thing was that they were able to create a path back to the defcon network over a single route so they could actually return packets. They did the hijack at noon and at the end of the 4pm-5pm talk they showed a 75 gb and growing capture file. -N
