nanog mailing list archives
RE: Newbie x Cisco IOS-XR x ROV: BCP to not harassing peer(s)
From: "Jakob Heitz (jheitz) via NANOG" <nanog () nanog org>
Date: Tue, 24 May 2022 19:45:19 +0000
This attack will work very well until the victim starts advertising its prefix. The victim may not notice the fake advertisement because the fake advertisement will not reach the victim AS due to AS-path loop checking. So potential victims must advertise all prefixes that they register in RPKI or subscribe to an Internet monitoring service to detect the fake advertisements.

And don't forget maxlen. You must advertise in BGP every prefix covered by maxlen.

Regards,
Jakob.

-----Original Message-----
From: Saku Ytti <saku () ytti fi>

On Tue, 24 May 2022 at 11:23, Max Tulyev <maxtul () netassist ua> wrote:
To make a working hijack of the routed prefix (for sniffing traffic, DDoS or something similar), you have to announce a more specific prefix(es). It can be denied by RPKI. If your signed RPKI prefix is still unannounced - yes, somebody can hijack it by forging the origin ASN - that's quite easy.

This axiomatically assumes first come, first serve, which is obviously not a complete understanding of the BGP best path algorithm.

--
++ytti
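
An added example, not part of the mailing-list thread: a small audit that compares ROAs against the prefixes the holder actually originates and lists every prefix the ROA authorises (up to maxLength) that is not announced. The function name, the status labels, and the sample ROAs and announcements (documentation prefixes, AS64500) are constructed for illustration.

```python
import ipaddress

def unannounced_roa_space(roas, announcements):
    """List, per ROA, the authorised prefixes the holder does not originate.

    roas:          iterable of (prefix, max_length, origin_asn)
    announcements: iterable of (prefix, origin_asn) the holder originates
    Returns {(roa_prefix, asn): [(prefix, status), ...]}. Status is
    "covered-by-less-specific" when the holder announces only a shorter
    covering prefix (an RPKI-valid route for the gap would be more specific),
    or "dark" when the holder announces nothing covering it.
    """
    announced = {}
    for prefix, asn in announcements:
        announced.setdefault(asn, set()).add(ipaddress.ip_network(prefix))

    report = {}
    for prefix, max_length, asn in roas:
        roa_net = ipaddress.ip_network(prefix)
        if not roa_net.prefixlen <= max_length <= roa_net.max_prefixlen:
            raise ValueError(f"bad maxLength {max_length} for {prefix}")
        # Only same-family announcements can be compared with subnet_of().
        mine = {n for n in announced.get(asn, set())
                if n.version == roa_net.version}
        gaps = []
        # Every length from the ROA prefix length up to maxLength is valid.
        for length in range(roa_net.prefixlen, max_length + 1):
            for candidate in roa_net.subnets(new_prefix=length):
                if candidate in mine:
                    continue
                covered = any(candidate.subnet_of(n) for n in mine)
                status = "covered-by-less-specific" if covered else "dark"
                gaps.append((str(candidate), status))
        report[(prefix, asn)] = gaps
    return report

# Constructed sample data (documentation address space, documentation ASN).
SAMPLE_ROAS = [
    ("192.0.2.0/24", 25, 64500),     # maxLength wider than what is announced
    ("198.51.100.0/24", 24, 64500),  # signed but never announced
    ("203.0.113.0/24", 24, 64500),   # signed and announced exactly
]
SAMPLE_ANNOUNCEMENTS = [
    ("192.0.2.0/24", 64500),
    ("192.0.2.0/25", 64500),
    ("203.0.113.0/24", 64500),
]

if __name__ == "__main__":
    for roa, gaps in unannounced_roa_space(SAMPLE_ROAS, SAMPLE_ANNOUNCEMENTS).items():
        print(roa, gaps or "fully announced")
```

An empty list for a ROA means every authorised prefix is originated; the audit only sees the holder's own announcements, so spotting a forged-origin route still needs an external vantage point such as the monitoring service mentioned above.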