Re: Bgpmon alternatives?

[Jared Mauch <jared () puck nether net>]

Yes. Here’s some sample code:

https://github.com/jaredmauch/rislive

It also helps the more feeds they get, please add feeds to them so there are more views of any possible malicious 
activities. 

Sent from my iCar

> On Jun 16, 2019, at 7:40 AM, Michael Hallgren <mh () xalto net> wrote:
>
> RIS Live API is a choice for this.
>
> mh
> > Le 16 juin 2019, à 13:21, Brian Kantor <brian () ampr org> a écrit:
> > That would be wonderful.  Thank you!
> >  - Brian
> >
> >
> > > On Sun, Jun 16, 2019 at 03:59:29AM -0700, Mike Leber wrote:
> > >  I'm sure if it doesn't do exactly that already, we can add it shortly.
> > >  
> > >  Some of planned functionality for hijack detection is already live. 
> > >  That's one of the main reasons for creating this service.
> > >  
> > >  Mike.
> > >  
> > > >  On 6/16/19 2:48 AM, Brian Kantor wrote:
> > > > >  On Sun, Jun 16, 2019 at 02:25:40AM -0700, Mike Leber wrote:
> > > > >  As a beta service you can try out rt-bgp.he.net.  This is a real time
> > > > >  bgp monitoring service we are developing.
> > > >  It's interesting, but I don't see any way to do what I primarily
> > > >  use the existing BGPMon for: watch for hijacks.
> > > >
> > > >  That is, set up one or more prefixes to be continuously monitored
> > > >  and have the monitor send me an email alert when that prefix or a
> > > >  subnet of it begins to be announced by someone new.
> > > >
> > > >  For example, if I have told it to monitor 44.0.0.0/8 and someone
> > > >  somewhere begins announcing it, or perhaps 44.1.0.0/16, I'd very
> > > >  much like to know about that, along with details of who and where.
> > > >
> > > >  Then if that announcement is authorized, I can tell the monitoring
> > > >  service that this new entry is NOT a hijack, and it won't bug me
> > > >  about it again.
> > > >
> > > >  Can it be persuaded to do this?
> > > >   - Brian