nanog mailing list archives
Re: YouTube IP Hijacking
From: Todd Underwood <todd-nanog () renesys com>
Date: Mon, 25 Feb 2008 15:13:17 +0000
y'all, On Mon, Feb 25, 2008 at 06:49:35AM -0800, Barry Greene (bgreene) wrote:
Seriously -- a number of us have been warning that this could happen. More precisely, we've been warning that this could happen *again*; we all know about many older incidents, from the barely noticed to the very noisy. (AS 7007, anyone?) Something like S-BGP will stop this cold. Yes, I know there are serious deployment and operational issues. The question is this: when is the pain from routing incidents great enough that we're forced to act? It would have been nice to have done something before this, since now all the world's script kiddies have seen what can be done.BCPs stops this problem. soBGP may make it easier.
except in the most meaningless of interpretations, i don't see how BCPs solve this problem. Barry: did you mean: "If only everyone on the Internet would perfectly filter their customers prefix announcements on every connection, then everything would be fine?" Or perhaps: "If everyone would register all of their prefixes in some applicable routing registry with such a degree of accuracy that we could build customer and peer filters out of it then this problem would go away." ? both are true statements, but neither is ever going to happen (i'm not sure that sBGP or soBGP is going to happen ever either). in the mean time all we can do is watch and try to respond to events as quickly as they occur. In fact, we would all be better off if more people were just watching their prefix announcement progapations. Although this hijacking/blackholing was caught quickly, i have seen many other cases where the event lasted for hours (or days). by the way: my colleague Martin A. Brown (who spoke at NANOG on the Taiwan Earthquakes), has written a fairly detailed blog post on the this event. It includes a detailed timeline and some information for people who might find that useful. http://www.renesys.com/blog/2008/02/pakistan_hijacks_youtube_1.shtml Clearly this is not the first interesting accidental hijacking and certainly won't be the last. t. -- _____________________________________________________________________ todd underwood +1 603 643 9300 x101 renesys corporation general manager babbledog todd () renesys com http://www.renesys.com/blog
Current thread:
- RE: [admin] [summary] RE: YouTube IP Hijacking, (continued)
- RE: [admin] [summary] RE: YouTube IP Hijacking Barry Greene (bgreene) (Feb 26)
- Re: [admin] [summary] RE: YouTube IP Hijacking Jared Mauch (Feb 26)
- Re: [admin] [summary] RE: YouTube IP Hijacking Aaron Glenn (Feb 26)
- Re: [admin] [summary] RE: YouTube IP Hijacking Adrian Chadd (Feb 26)
- Re: [admin] [summary] RE: YouTube IP Hijacking Mark Newton (Feb 26)
- Re: [admin] [summary] RE: YouTube IP Hijacking Jared Mauch (Feb 26)
- Re: [admin] [summary] RE: YouTube IP Hijacking Adrian Chadd (Feb 26)
- Re: [admin] [summary] RE: YouTube IP Hijacking Adrian Chadd (Feb 26)
- Re: YouTube IP Hijacking Christopher Morrow (Feb 25)
- RE: YouTube IP Hijacking Barry Greene (bgreene) (Feb 25)
- Re: YouTube IP Hijacking Todd Underwood (Feb 25)
- Message not available
- hijack chronology: was [ YouTube IP Hijacking ] Martin A. Brown (Feb 25)
- Re: hijack chronology: was [ YouTube IP Hijacking ] Simon Leinen (Feb 26)
- Re: YouTube IP Hijacking Christopher Morrow (Feb 24)
- Re: YouTube IP Hijacking Justin Shore (Feb 25)
- Re: YouTube IP Hijacking John Payne (Feb 26)
- Re: YouTube IP Hijacking Joel Jaeggli (Feb 26)
- Re: YouTube IP Hijacking Christopher Morrow (Feb 26)
- RE: YouTube IP Hijacking Hank Nussbacher (Feb 24)
- Re: YouTube IP Hijacking Patrick W. Gilmore (Feb 25)
- Re: YouTube IP Hijacking Matsuzaki Yoshinobu (Feb 25)