Rootways of the World Tree (@Internet)
These are attack trees, not protocol documentation. Each section models how a specific internet-scale protocol becomes a surface for systemic trust collapse: prefix hijacking, session manipulation, amplification, covert channels, route poisoning. The protocol is the context; the tree is the decomposition of what becomes possible within it. For local routing protocols inside an organisation, the companion section is Patches. Operational procedures for executing against these surfaces are in Tradecraft.
Branching far and wide
- Transmission Control Protocol (TCP)
  - Attack tree (TCP)
  - Router TCP stack exploitation
  - BGP session manipulation
  - Man-in-the-middle BGP sessions
  - Protocol-level TCP attacks
  - Off-path & side-channel attacks
  - Cloud/middlebox-specific attacks
  - Session integrity attacks
  - Network infrastructure attacks
  - Advanced persistence mechanisms
  - Supply chain compromise
- Internet Protocol (IPv4 and IPv6)
- Border Gateway Protocol (BGP and MP-BGP)
  - BGP as a strategic attack surface
  - Attack tree (BGP and MP-BGP)
  - IPv4 prefix hijacking
  - IPv4 path manipulation
  - IPv4 infrastructure attacks
  - Multiprotocol label switching (MPLS) attacks (MP-BGP)
  - Address family exploitation (MP-BGP)
  - MP-BGP session attacks
  - RPKI infrastructure attacks
  - DDoS amplification attacks
  - Cryptographic attacks on routing protocols
  - BGP and DNS infrastructure attacks
  - BGP + CDN/Cloud infrastructure attacks
- Internet Control Message Protocol (ICMP)
  - Overview attacks on ICMP
  - ICMP Echo sweeping (Ping sweep)
  - TTL manipulation for OS fingerprinting
  - ICMP-based service discovery
  - ICMP tunnelling for data exfiltration & covert channels
  - Fragmented ICMP exfiltration techniques
  - DNS-over-ICMP (C2) covert channels
  - ICMP flood attacks
  - ICMP amplification attacks
  - NAT/Firewall bypass techniques
  - Lateral movement via ICMP
  - ICMPv6 router advertisement spoofing
  - IoT/OT device crashes via ICMP
  - Cloud metadata service abuse via ICMP
- Domain Name System (DNS)
- Internet Protocol Security (IPsec)
  - Internet Protocol Security (IPsec) protocol notes
  - Attack tree (IPsec)
  - Cryptographic attacks
  - Key management attacks
  - IPsec implementation flaw attacks
  - Protocol downgrade attacks
  - Security Association manipulation attacks
  - Identity spoofing attacks
  - Memory corruption attacks
  - Resource exhaustion attacks
  - Configuration bypass attacks
- Border Gateway Protocol Security (BGPsec)
- Disclaimer