nanog mailing list archives

Re: BGP Security

From: "Steven M. Bellovin" <smb () cs columbia edu>
Date: Sun, 27 Nov 2005 10:47:09 -0500


In message <43895830.7000708 () linsyssoft com>, Kaustubh Atrawalkar writes:


I am working over BGP security. Trying to guard router itself rather 
than trying to find the attacker. I am placing the module to test the 
UPDATE message before the formation of Adj-RIB-out. So that the false / 
malicious information wont go beyond my router and so that my router and 
the next hops will be free from attack. Would like to know ur views 
about this approach.

The problem is knowing that the input information is malicious -- how 
can you tell?

                --Steven M. Bellovin, http://www.cs.columbia.edu/~smb

Current thread:

BGP Security Kaustubh Atrawalkar (Nov 26)
- Re: BGP Security Steven M. Bellovin (Nov 27)
- <Possible follow-ups>
- Re: BGP Security Sandy Murphy (Nov 28)