make_hijacks - nsg-ethz/mini_internet_project GitHub Wiki

BGP prefix hijacking

During the project, we like to hijack students' prefixes so that they need to implement mitigation steps, e.g. using more specific advertisements or RPKI+ROV. We prepared scripts to automatically hijacks students' prefixes. The script utils/hijacks/hijack.sh is the core script used to generate hijacks.

This script takes the following mandatory arguments:

  • Argument #1: the hijacker AS.
  • Argument #2: the hijacked prefix.
  • Argument #3: the sequence number used within the prefix-list (just write something like 100 and it should work).

For instance, the following command will make AS5 hijack part of AS13's prefix:

./run_hijack 5 13.104.0.0/25 100

There are two optional arguments:

  • --clear: To undo an ongoing hijack.
  • --origin_as X: To perform a Type-1 hijack where X is the origin of the hijacked route.

Network-wide hijacks

Using the hijack.sh script you can then activate hijacks for every student group. For example, we do this in the scripts question_3_1.sh, question_3_2.sh and question_3_3.sh. You can just adapt these scripts according to your topology and your questions.