Menu: 0:00 ▶ You down with BGP? 0:20 ▶ The Internet relies on BGP 0:47 ▶ BGP scripts that we will create 1:24 ▶ Warning about BGP 2:04 ▶ Live BGP Internet router 2:33 ▶ Real world cases of BGP hacks 3:03 ▶ Protecting BGP 3:30 ▶ How do I learn this stuff? 3:47 ▶ BGP network topology 4:55 ▶ Wiretaps 5:58 ▶ Issue with wiretaps 6:35 ▶ Hubs vs Port Mirroring 7:10 ▶ Cisco switch port monitoring 8:30 ▶ Kali Network Setup 8:58 ▶ Three scripts 9:15 ▶ BGP reset script explained 10:00 ▶ BGP port numbers 10:39 ▶ New Ethernet Frame 11:03 ▶ Script TCP Port Numbers: 11:47 ▶ BGP Reset crafted packet 13:55 ▶ Python scapy sendp 14:38 ▶ Python loop 14:50 ▶ Create script on Kali Linux 15:22 ▶ Cisco router BGP output 17:08 ▶ Run Python script 18:20 ▶ Test again resetting BGP neighbor relationship 19:53 ▶ Simple Python script resets BGP relationship This video shows you a simple script to DoS a network by reseting BGP neighbor relationships which results in the network going down (BGP neighbor reset / BGP routes lost / routing table routes lost). In other videos in this series, I'll show you how to remove routes and add fake BGP routes to Cisco routers. You need to learn to code! Learn Python. Learn Networking. You are going to be very powerful and very scary if you combine knowledge of networking with Python scripting! But, do good. Learn to code. Learn Linux. Learn Networking. ========= BGP Music: ========= You down with BGP: ru-vid.com/video/%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE-RT-1DU33xIk.html ====== Scripts: ====== DoS BGP network: davidbombal.wiki/bgpresetneighbor Playlist: davidbombal.wiki/scapy ============== Scapy Resources: ============== Website: scapy.net/ Documentation: scapy.readthedocs.io/en/latest/ Scapy installation: =============== sudo apt update sudo apt install python3-pip sudo pip3 install scapy ================ Connect with me: ================ Discord: discord.com/invite/usKSyzb Twitter: twitter.com/davidbombal Instagram: instagram.com/davidbombal LinkedIn: www.linkedin.com/in/davidbombal Facebook: facebook.com/davidbombal.co TikTok: tiktok.com/@davidbombal RU-vid: ru-vid.com Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel!
Hi David, thank you very much for your videos. Would you please tell us what terminal application are you using? The one we can see around minute 7:00.
at 17:28, I was shaking my finger at the screen saying the BGP hold-down timers and update hold timers. Thanks for finally saying BGP route changes do no happen quickly and for a good reason as you demonstrated here any traffic destined for those networks would most likely have been retransmitted or lost depending on protocol. This was a great video and I will employ it in my lab with my Nokia 7750's acting as two separate providers (emulating about 500 entries in the BGP table) to my two 3845's. I can't reiterate your warning enough to up and coming engineers not to try this on a live network connection at home or work. At home you probably have a layer of protection provided by your ISP, but your work may have a BGP connection set up because they have connections from multiple carriers that they load=balance or use in standby configuration.
When Facebook put out a press release that the outage was due to a configuration error on their routers, I had to call shenanigans on that! There’s no way a simple error could cause such widespread outage like that for so long. Hacking BGP makes more sense to me more than anything.
DAVID !! so funny i was laughing my ass off at the fact you put out a video hacking BGP and then facebooks BGP gets hacked a week later lollllll your are a brilliant
If you have physical access to network you are the "king". Now you can make much more then destroy BGP session. It is not BGP problem it is security problem.
yeah bro...i'm down with BGP - sort of. Some 10+ years ago, tried to create a VPN tunnel between the office and AWS for a customer request to host our SaaS application in Ireland. Couldn't do it because (at least at the time) our watchguard firewall didn't support BGP over a VPN tunnel. Good informational video.
Thanks you so much for ccna and ccnp David but I haven't watch it because I want it to be special I want to watch it in my free years because I'm on my studies for 10th grade after I pass it then I'll watch it You help us a lot I have seen many person kind as you but your kindness was building our career knowledgeable and skill thanks again davdavid
I wonder why many people are not watching or interest in this video David if you add your title like *what is BGP? Destroying internet* and so on and on and on then I'm pretty sure there would have been already 50k view
Hello sir i am a big fan of yours and i learnt hacking till date by watching your video you really inspire me sir i just need a little help of yours that can you please tell that is it necessary to have a hub or a switch for bgp attacks or can we do it just by wirelessly connecting to the home router ?
I have one doubt not regarding this vedio but about the course you have give in udemy Networking. You have not given the clear picture what you want to say
Destroying the internet with BGP is possible only if you already got a ASN and you're connected with a peer that alow you to "destroy the internet". That it's generaly not the case. But in theory/lab yes and that's a "putaclick title", but IRL is another deal.
@@davidbombal Do you think IRL that you can port tapping between 2 big BGP router ?? i.e go in a datacenter unattended, find where the BGP RTR is, then find the interfaces where the BGP flows, etc ? In lab you make assumption and you know the topology. How do you deal with that ? As a normal web user, i'm connected whit ADSL/FTTH over a PPP session with my ISP, from there, how do you sniff/spoof/tap a BGP RTR ?
@@pologtijaune Never said it would be easy- just not impossible: www.theverge.com/2013/10/30/5046958/nsa-secretly-taps-into-google-yahoo-networks-to-collect-information and www.nytimes.com/2013/10/31/technology/nsa-is-mining-google-and-yahoo-abroad.html - I'm not going to argue with you about possibilities - you are welcome to your opinion on this... and I will continue teaching people how networks work and how to use Python.
@@davidbombal thx to take the time to teach people networks, the fact is that the video let us think that's easy, but that really not the case. Just a clarification. I still love your videos (y).
@@davidbombal Tapping a local ethernet connection is not a big deal, but how can you tap on a DWDM n*10G channel, where this traffic is mostly flows?... Sure, NSA had done it, because: 1: they have a lot of money to such equipment, 2: big tech compaines in the pocket of NSA and US goverment with the help of patriot act (and the govement won't make restrictions, if the big tech companies obey, there are a lot of blackmailing and background deal can be done) Just to be clear: I'm not judge what you teach (is awesome), but the click bait name of your video ;)
omg david that is so easy for you to do,,,for me to do that it will take me 1 year of studding with you hahahah..great supper star david ,,,,,1 Q for you david please......you not afraid of learning that to anyone one here? because as you said it can put someone in jail for doing a bad thing..thnaks david