nanog mailing list archives
Re: Securing the BGP or controlling it?
From: Jorge Amodio <jmamodio () gmail com>
Date: Mon, 10 May 2010 16:23:20 -0500
Also, while (IMHO) the much higher level of private interconnects / peering links in use today vs. 1997 makes willful route hijacking more difficult, building better security directly into the protocol is certainly in order. A good parallel is the SS7 network that runs "routing" for traditional voice signaling: it's "secured" by using a completely separate, out of band TDM network (DS1s and DS0s) but its also an "in the clear" protocol and could be subject to willful vandalism.
Diff with SS7, we can't send a VoIP msg with every packet saying "Your packet can not be delivered as routed, please restart your computer and try again", ohh yes we can ICMP :-) Cheers Jorge
Current thread:
- Re: Securing the BGP or controlling it?, (continued)
- Re: Securing the BGP or controlling it? Patrick W. Gilmore (May 11)
- Re: Securing the BGP or controlling it? Danny McPherson (May 10)
- Re: Securing the BGP or controlling it? Anton Kapela (May 10)
- Re: Securing the BGP or controlling it? Larry Sheldon (May 10)
- Re: Securing the BGP or controlling it? Danny McPherson (May 10)
- Re: Securing the BGP or controlling it? deleskie (May 10)
- Re: Securing the BGP or controlling it? Randy Bush (May 10)
- Re: Securing the BGP or controlling it? Larry Sheldon (May 10)
- Re: Securing the BGP or controlling it? Danny McPherson (May 10)
- Re: Securing the BGP or controlling it? Larry Sheldon (May 10)
- Re: Securing the BGP or controlling it? Vincent J.. Bono (May 10)
- Re: Securing the BGP or controlling it? Jorge Amodio (May 10)
- Re: Securing the BGP or controlling it? deleskie (May 10)