Hacktricks 179 [2026]

Unlike internal routing protocols (such as OSPF or EIGRP) that often rely on raw IP or multicast payloads, BGP operates at the application layer and relies on a reliable transport layer. It uses to establish peer-to-peer sessions between separate Autonomous Systems (AS) or within a massive enterprise core. A BGP session involves an active peer and a passive peer:

: An attacker compromises an edge router or establishes an unauthorized peering session. They broadcast an UPDATE message claiming ownership of an IP prefix assigned to another entity. hacktricks 179

The first stage of any network audit targeting infrastructure routing is validating if Port 179 is exposed and identifying the software daemon running behind it. Passive and Active Port Scanning Unlike internal routing protocols (such as OSPF or

[ Idle ] -------> [ Connect ] <-------> [ Active ] | | v v [ OpenSent ] --------> [ OpenConfirm ] -------> [ Established ] They broadcast an UPDATE message claiming ownership of

Triggering route flapping or resetting sessions can disrupt connectivity for entire network segments. PentestPad Pentesting Methodology Port 179 - BGP (Border Gateway Protocol) - PentestPad