Comment by willscott
13 years ago
I wouldn't be surprised if some of the ICMP responses are forged - It seems disadvantageous for the site to have such a long path, since each hop has the potential for attack.
http://www.thoughtcrime.org/software/fakeroute/ can be seen as previous work that it is practical to do something like this.
No it's not forged as can be seen from the AS path in the global routing table.
Yes, it is forged, as explained by tuomasb.
Furthermore, a round trip time less than about 60 ms between Europe and North Korea is impossible, assuming the data is traveling at the speed of light. And we measured much less than that.
Not just ICMP, doing a traceroute over tcp also results in this. Looks to be either a really well done forgery, or legitimate.
TCP traceroute relies on ICMP responses, too.
I don't believe forging will help them much - they are doing this to avoid international law enforcement, and international law enforcement can easily check through a simple bluff like that.
Altering routing companies sending traffic through in bulk from Germany-NY-Satellite is far more difficult, but we may see them do this anyway. Time will tell.
They can also have someone inside the Thai Star Joint corporation that does the internet connectivity in NK.