nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: BGP related question

From: chip <chip.gwyn () gmail com>
Date: Thu, 1 Aug 2013 12:00:28 -0400
For detection, there are a few solutions, but mostly it's just monitoring
the route table for your specific routes and being alerted when things
change.  For prevention there are things like RPKI (
https://www.arin.net/resources/rpki/index.html) that can help.  There are a
few other possibilities as well, each with their own pros and cons and
various cases of weakness.  RPKI seems to be the current favorite and most
widely supported.  Well, by vendors at least...

--chip


On Thu, Aug 1, 2013 at 10:00 AM, Shah, Parthiv <
Parthiv.Shah () theclearinghouse org> wrote:


My apology if I am asking for a repeat question on the list. On 7/29/13 I
read an incident about accidental BGP broadcast see article here
https://isc.sans.edu/diary/BGP+multiple+banking+addresses+hijacked/16249or older 2008 incident
http://www.renesys.com/2008/02/pakistan-hijacks-youtube-1/

My questions:


1)      I would like to understand how can we detect and potentially
prevent activities like this? I understand native BGP was not design to
authenticate IP owners to the BGP broadcaster. Therefore, issues like this
due to a human error would happen. How can activities like this be detected
as this is clearly a threat if someone decides to broadcast IP networks of
an organization and knock the real org. off the Net. 2) In reference to
prevention, I recall there were discussions about secure BGP (S-BGP),
Pretty Good BGP, or Secure Original BGP but I don't remember if any one of
them was finalized (from practicality viewpoint) and if any one of them is
implementable/enforceable by ISPs (do anyone have any insight)? 3) If I was
to ask for an opinion, from your viewpoint which one is better and why and
which one is not doable and why not?

Thank you in advance,
Parthiv


This e-mail may contain information that is privileged or confidential. If
you are not the intended recipient, please delete the e-mail and notify us
immediately.





-- 
Just my $.02, your mileage may vary,  batteries not included, etc....
Previous By Date Next
Previous By Thread Next

Current thread: