nanog mailing list archives
Re: Argus: a hijacking alarm system
From: Yang Xiang <xiangy08 () csnet1 cs tsinghua edu cn>
Date: Fri, 20 Jan 2012 20:14:25 +0800
_________________________________ Yang Xiang . about.me/xiangyang Ph.D candidate. Tsinghua University Argus: argus.csnet1.cs.tsinghua.edu.cn 2012/1/20 Jeroen Massar <jeroen () unfix org>
On 2012-01-20 12:01 , Yang Xiang wrote:2012/1/20 Suresh Ramasubramanian <ops.lists () gmail com <mailto:ops.lists () gmail com>>Please note that automated polling of route servers without prior consent of the owner of said route server might not be completely acceptable as it puts serious loads on them. A better way is to get proper BGP sessions set up towards various locations. You might also want to look at http://www.ripe.net/data-tools/stats/ris/ris-raw-data which describes how to get access to RIPE's RIS system raw data, this is what BGPMon also uses.
Argus receives BGP update from BGPmon, and only access route servers when it find one BGP update is 'anomalous'. We also controlled the load to these route servers. After login to the route server, Argus only execute 'ping' for a given IP address, and 'show ip bgp' for a given prefix, and will logout from the route server after two minutes.
Greets, Jeroen
Current thread:
- Argus: a hijacking alarm system Yang Xiang (Jan 20)
- Re: Argus: a hijacking alarm system Jeroen Massar (Jan 20)
- Re: Argus: a hijacking alarm system Yang Xiang (Jan 20)
- Re: Argus: a hijacking alarm system Suresh Ramasubramanian (Jan 20)
- Re: Argus: a hijacking alarm system Yang Xiang (Jan 20)
- Re: Argus: a hijacking alarm system Jeroen Massar (Jan 20)
- Re: Argus: a hijacking alarm system Yang Xiang (Jan 20)
- Re: Argus: a hijacking alarm system Yang Xiang (Jan 20)
- Re: Argus: a hijacking alarm system Jeroen Massar (Jan 20)
- Re: Why not to use RPKI (Was Re: Argus: a hijacking alarm system) Yang Xiang (Jan 20)
- Re: Why not to use RPKI (Was Re: Argus: a hijacking alarm system) Arturo Servin (Jan 20)
- Re: Why not to use RPKI (Was Re: Argus: a hijacking alarm system) Yang Xiang (Jan 20)
- Re: Why not to use RPKI (Was Re: Argus: a hijacking alarm system) Danny McPherson (Jan 20)
- Re: Why not to use RPKI (Was Re: Argus: a hijacking alarm system) Christopher Morrow (Jan 22)
- Re: Why not to use RPKI (Was Re: Argus: a hijacking alarm system) Yang Xiang (Jan 23)
- Re: Why not to use RPKI (Was Re: Argus: a hijacking alarm system) Christopher Morrow (Jan 23)
- Re: Why not to use RPKI (Was Re: Argus: a hijacking alarm system) Yang Xiang (Jan 23)
- Re: Why not to use RPKI (Was Re: Argus: a hijacking alarm system) John Kemp (Jan 23)