[routing-wg] Prefix hijacking possibility
- Previous message (by thread): [routing-wg] Prefix hijacking possibility
- Next message (by thread): [routing-wg] Implementation of "pingable:" attribute in the RIPE Database
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Randy Bush
randy at psg.com
Mon Feb 21 00:47:20 CET 2011
> In the most cases of real hijacks I know, the origin was the real ASN of > the prefix. It is easy, like this (cisco style): > > router bgp $EVIL_AS > network $TARGET_SITE_IP/24 route-map INSERT_ASN > ... > route-map INSERT_ASN permit 1 > set as-path prepend $TARGET_SITE_ASN for *real* attacks, yes. but 99% of mis-announcements are fat fingers, and do not have the correct asn in the origin. > If you need to fight with the hijacks, you SURE need to check and filter > the WHOLE chain of route. agree completely. see new sidr wg charter randy
- Previous message (by thread): [routing-wg] Prefix hijacking possibility
- Next message (by thread): [routing-wg] Implementation of "pingable:" attribute in the RIPE Database
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]