nanog mailing list archives
Re: BGP Attack - Best Defense ?
From: "Scott Weeks" <surfer () mauigateway com>
Date: Fri, 29 Aug 2008 14:56:55 -0700
Please allow me to change this: "I then would deaggregate (as little as possible) to be able to announce the same more specific as the attacker." to this: "Announce the same more specific as the attacker." scott --- surfer () mauigateway com wrote: From: "Scott Weeks" <surfer () mauigateway com> To: <nanog () merit edu> Subject: BGP Attack - Best Defense ? Date: Fri, 29 Aug 2008 14:29:21 -0700 My question revolves around the best recovery from an attack of the type we've been discussing. I only figured out the attack methodology yesterday evening Hawaiian Standard Time. Be gentle please... :-) I am signed up for the Prefix Hijack Alert System (phas.netsec.colostate.edu) and would be alerted in about 6 hours (or less?) about a prefix announcement change. I then would deaggregate (as little as possible) to be able to announce the same more specific as the attacker. The topologically closer ASs would then start sending the traffic to me properly. Those topologically closest to the attacker would still send to the attack path. I would then try to contact the ASs still using the attack path to get it stopped. (Yell help on NANOG? ;-) Is this the best recovery plan at this time? scott
Current thread:
- BGP Attack - Best Defense ? Scott Weeks (Aug 29)
- Re: BGP Attack - Best Defense ? Jason Fesler (Aug 29)
- Re: BGP Attack - Best Defense ? Steve Gibbard (Aug 29)
- <Possible follow-ups>
- Re: BGP Attack - Best Defense ? Scott Weeks (Aug 29)
- Re: BGP Attack - Best Defense ? Scott Weeks (Aug 29)
- Re: BGP Attack - Best Defense ? Jon Lewis (Aug 29)
- Re: BGP Attack - Best Defense ? Guy_Shields (Aug 29)
- Re: BGP Attack - Best Defense ? Scott Weeks (Aug 29)
- Re: BGP Attack - Best Defense ? Guy_Shields (Aug 29)
- Re: BGP Attack - Best Defense ? Scott Weeks (Aug 29)
- Re: BGP Attack - Best Defense ? Guy_Shields (Aug 29)
- Re: BGP Attack - Best Defense ? Scott Weeks (Aug 29)