nanog mailing list archives
Re: Revealed: The Internet's well known BGP behavior
From: Joe Greco <jgreco () ns sol net>
Date: Thu, 28 Aug 2008 12:58:59 -0500 (CDT)
To quote Bruce Schneier quoting an NSA maxim, attacks only get better; they never get worse. We now have running code of one way to do this. I think most NANOG readers can see many more ways to do it. A real solution will take years to deploy, but it will never happen if we don't start. And we want to have the solution out there *before* we see serious attacks on BGP. Again, thank you -- it was really nice work.
Seems like we *could* get a large part of the way there if people were only checking the information in question. While not the long-term fix of being able to prove authorization to advertise space, simply requiring a LOA at the edge, and requiring IRR further in, and keeping records of what was advertised, would seem to be a worthwhile improvement on the current state of affairs. Total prevention is a very rough goal, so making it more difficult, combined with being able to identify when someone did something bad, really ought to be a worthwhile interim goal, and I've wondered for a long time why this isn't being done. ... JG -- Joe Greco - sol.net Network Services - Milwaukee, WI - http://www.sol.net "We call it the 'one bite at the apple' rule. Give me one chance [and] then I won't contact you again." - Direct Marketing Ass'n position on e-mail spam(CNN) With 24 million small businesses in the US alone, that's way too many apples.
Current thread:
- Re: Revealed: The Internet's well known BGP behavior, (continued)
- Re: Revealed: The Internet's well known BGP behavior Patrick Giagnocavo (Aug 27)
- Message not available
- RE: Revealed: The Internet's well known BGP behavior Hank Nussbacher (Aug 27)
- RE: Revealed: The Internet's well known BGP behavior Jon Lewis (Aug 27)
- Re: Revealed: The Internet's well known BGP behavior Eric Spaeth (Aug 27)
- Re: Revealed: The Internet's well known BGP behavior Colin Alston (Aug 27)
- Re: Revealed: The Internet's well known BGP behavior Suresh Ramasubramanian (Aug 28)
- Re: Revealed: The Internet's well known BGP behavior Patrick W. Gilmore (Aug 28)
- Re: Revealed: The Internet's well known BGP behavior Anton Kapela (Aug 28)
- Re: Revealed: The Internet's well known BGP behavior Steven M. Bellovin (Aug 28)
- Re: Revealed: The Internet's well known BGP behavior Joe Greco (Aug 28)
- Re: Revealed: The Internet's well known BGP behavior Randy Bush (Aug 28)