The Border Gateway Protocol (BGP) is the Internet's de facto inter-domain routing protocol. Due to its critical role in backbone infrastructure, denial of service attacks on BGP routers have the potential to compromise global connectivity.
BGP is not a standalone protocol; it relies on other protocols such as the Transmission Control Protocol (TCP). In this work, we research whether BGP's reliance on TCP could lead to vulnerabilities allowing non-peers to perform denial of service attacks. We develop a methodology allowing researchers, vendors, and operators to enumerate potential weaknesses or vulnerabilities in routers and propose three attack types. We apply this methodology to physical and virtual routers from three popular vendors and identify several potential vulnerabilities. We find that one vendor's BGP implementation is susceptible to two types of attacks: SYN Flood and Connection Exhaustion. They allow a remote non-peered attacker to stop legitimate peers from connecting to the BGP listener of the affected router, preventing the exchange of routes. We responsibly disclose the vulnerability to the affected vendor. Our results show that as few as 5 to 20 packets per second can be sufficient to perform denial of service. Finally, we propose several ways to mitigate the impact of the proposed attacks.
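Since the abstract reports that 5 to 20 packets per second from a non-peer can be enough, a volumetric alarm will not notice this traffic; a monitor has to key on who is connecting to the BGP listener (TCP port 179) rather than on how much. The following is an added example, not code from the paper: the record format, the addresses, the peer list and the 5-per-second threshold are assumptions constructed for illustration, and it covers only the connection-attempt (SYN) side.

```python
from collections import Counter
from ipaddress import ip_address

BGP_PORT = 179   # well-known TCP port of the BGP listener
ALERT_PPS = 5    # assumption: lowest rate the abstract reports as sufficient

# Constructed sample records: "epoch_seconds src_ip dst_port tcp_flags"
PEERS = ["192.0.2.1"]  # hypothetical configured BGP neighbour
SAMPLE = """\
100.10 192.0.2.1 179 S
101.00 198.51.100.7 179 S
101.15 198.51.100.7 179 S
101.30 198.51.100.7 179 S
101.45 203.0.113.9 179 S
101.60 198.51.100.7 179 S
101.75 198.51.100.7 179 S
101.90 198.51.100.7 179 S
102.20 198.51.100.7 179 S
102.70 198.51.100.7 179 S
102.80 198.51.100.7 443 S
103.00 192.0.2.1 179 A
"""

def parse(line):
    """Split one constructed record into typed fields."""
    ts, src, dport, flags = line.split()
    return float(ts), ip_address(src), int(dport), flags

def non_peer_syn_alerts(lines, peers, threshold=ALERT_PPS):
    """Return {second: count} for each one-second bucket in which SYNs to
    TCP/179 from sources outside the peer set reach the threshold."""
    peer_set = {ip_address(p) for p in peers}
    per_second = Counter()
    for line in lines:
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        ts, src, dport, flags = parse(line)
        # "S" alone is a new connection attempt; ACK-bearing segments are skipped.
        if dport == BGP_PORT and flags == "S" and src not in peer_set:
            per_second[int(ts)] += 1
    return {sec: n for sec, n in sorted(per_second.items()) if n >= threshold}

if __name__ == "__main__":
    for sec, n in non_peer_syn_alerts(SAMPLE.splitlines(), PEERS).items():
        print(f"t={sec}: {n} SYNs to TCP/{BGP_PORT} from non-peers")
```

The counts are aggregated across all non-peer sources, so an attempt spread over several addresses still trips the threshold.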