nanog mailing list archives

Previous By Date Next
Previous By Thread Next

RE: automatic rtbh trigger using flow data

From: Michel Py <michel.py () tsisemi com>
Date: Thu, 30 Aug 2018 20:17:10 +0000
Aaron Gould wrote :
Hi, does anyone know how to use flow data to trigger a rtbh (remotely triggered blackhole) route using bgp ?  ...I'm 
thinking we could use
quagga or a script of some sort to interact with a router to advertise to bgp the /32 host route of the victim under 
attack.


Look at Exabgp : https://github.com/Exa-Networks/exabgp
That's what I use in here : https://arneill-py.sacramento.ca.us/cbbc/ to inject the prefixes in BGP.
I block the attacker's addresses, not the victim but if you are willing to write your own scripts it does the job.

Michel.

TSI Disclaimer:  This message and any files or text attached to it are intended only for the recipients named above and 
contain information that may be confidential or privileged. If you are not the intended recipient, you must not 
forward, copy, use or otherwise disclose this communication or the information contained herein. In the event you have 
received this message in error, please notify the sender immediately by replying to this message, and then delete all 
copies of it from your system. Thank you!...
Previous By Date Next
Previous By Thread Next

Current thread: