Deploy360 19 June 2014

Video: Google DNS Hijacking in Turkey (RIPE 68)

Andrew Mcconachie
By Andrew McconachieFormer Intern

Between March 29 and April 7 of 2014, the Turkish government announced a /32 BGP route for Google’s public DNS. This route redirected users to a DNS server which resolved popular addresses such as twitter.com and youtube.com to Turkish government websites. We previously wrote about this while it was happening. Now Stéphane Bortzmeyer’s talk, entitled “Google DNS Hijacking in Turkey” provides a technical understanding of how the Turkish Government accomplished this, and how he was able to prove it. His talk is now available for viewing from the RIPE 68 site. His slides are also available for viewing.

turkishBGPHijackGoogleDNS

When you’re done watching the video, check out our resources on DNSSEC and how you can deploy it for zones your organization manages. While DNSSEC would not have prevented this hijack from occurring, it could have possibly detected this hijack for end users.

Disclaimer: Viewpoints expressed in this post are those of the author and may or may not reflect official Internet Society positions.

Related Posts

Improving Technical Security 15 March 2019

DNS Privacy Frequently Asked Questions (FAQ)

We previously posted about how the DNS does not inherently employ any mechanisms to provide confidentiality for DNS transactions,...

Improving Technical Security 14 March 2019

Introduction to DNS Privacy

Almost every time we use an Internet application, it starts with a DNS (Domain Name System) transaction to map...

Improving Technical Security 13 March 2019

IPv6 Security for IPv4 Engineers

It is often argued that IPv4 practices should be forgotten when deploying IPv6, as after all IPv6 is a...