nanog mailing list archives
Re: odd hijack
From: Nick Feamster <feamster () cc gatech edu>
Date: Fri, 10 Nov 2006 11:55:19 -0500
On Fri, Nov 10, 2006 at 11:01:02AM +0000, steve () telecomplete co uk wrote:
the preso link is below, you didnt read it yet.. :) you can hijack any address space providing your route is preferred either because it is more specific, less specific, shorter as-path..
Slides 13-15 of our Feb 2006 NANOG talk show examples of this and describe the motivation. The technique us also described in detail in our SIGCOMM paper, along with several other observations about why doing things like looking at "uncommon origin ASes" to detect a determined hijacker is unlikely to ever be successful at detecting a malicious hijack (as opposed to a misconfiguration). -Nick
Current thread:
- odd hijack Josh Karlin (Nov 09)
- Re: odd hijack Hank Nussbacher (Nov 09)
- Re: odd hijack Josh Karlin (Nov 09)
- Re: odd hijack Hank Nussbacher (Nov 10)
- Re: odd hijack steve (Nov 10)
- Re: odd hijack Nick Feamster (Nov 10)
- Re: odd hijack Randy Bush (Nov 10)
- Re: odd hijack Josh Karlin (Nov 10)
- Re: odd hijack Randy Bush (Nov 10)
- Re: odd hijack Josh Karlin (Nov 09)
- Re: odd hijack Nick Feamster (Nov 10)
- Re: odd hijack Hank Nussbacher (Nov 09)