nanog mailing list archives
Re: Cisco Crosswork Network Insights - or how to destroy a useful service
From: Vasileios Kotronis <vkotronis () ics forth gr>
Date: Wed, 15 May 2019 23:27:26 +0300
Hello,we would be happy to collaborate to deploy and extend the ARTEMIS open-source software tool
for monitoring, detection and potential automated mitigation of prefix hijacks,
available on GitHub at https://github.com/FORTH-ICS-INSPIRE/artemis .Current monitoring sources include RIS live, BGPStream (classic RV + RIS and beta BMP support) and ExaBGP APIs to local monitors.
You are most welcome to check out the code and test, provide feedback and/or integrate with existing custom tools you might use.
Best regards, Vasileios On 15/5/19 8:58 μ.μ., Dale W. Carder wrote:
Thus spake Job Snijders (job () ntt net) on Wed, May 15, 2019 at 12:16:06PM +0200:I recognise the issue you describe, and I'd like to share with you that we're going down another road. Nowadays, RIPE NCC offers a streaming API ("RIS Live") which has the data needed to analyse and correlate BGP UPDATES seen in the wild to business rules you as operator define. NTT folks are working on https://github.com/nlnog/bgpalerter/ - which relies on "RIPE RIS Live", this software should become a competitive replacement to current BGP monitoring tools. Stay tuned, the software will be more useful in the course of the next few weeks.Similarly, one can integrate CAIDA's BGPStream Broker Service[1] into their own tools. Like bgpalerter above, working with open source or rolling your own tools is increasingly straightforward[2] due to these community projects. Another viable project to keep an eye on is ARTEMIS[3] for monitoring. Dale [1] https://bgpstream.caida.org/data [2] https://github.com/dwcarder/bgpwatch [3] https://www.inspire.edu.gr/artemis/
-- ======================================= Vasileios Kotronis Postdoctoral Researcher, member of the INSPIRE Group INSPIRE = INternet Security, Privacy, and Intelligence REsearch Telecommunications and Networks Lab (TNL) Foundation for Research and Technology - Hellas (FORTH) Leoforos Plastira 100, Heraklion 70013, Greece Tel: +302810391241 Office: G-060 e-mail : vkotronis () ics forth gr url: http://inspire.edu.gr =======================================
Current thread:
- Cisco Crosswork Network Insights - or how to destroy a useful service Hank Nussbacher (May 15)
- Re: Cisco Crosswork Network Insights - or how to destroy a useful service Job Snijders (May 15)
- Re: Cisco Crosswork Network Insights - or how to destroy a useful service Carlos Friaças via NANOG (May 15)
- Re: Cisco Crosswork Network Insights - or how to destroy a useful service Job Snijders (May 15)
- Re: Cisco Crosswork Network Insights - or how to destroy a useful service Dale W. Carder (May 15)
- Re: Cisco Crosswork Network Insights - or how to destroy a useful service Vasileios Kotronis (May 15)
- RE: Cisco Crosswork Network Insights - or how to destroy a useful service Marcin Gondek (May 16)
- Re: Cisco Crosswork Network Insights - or how to destroy a useful service Carlos Friaças via NANOG (May 15)
- Re: Cisco Crosswork Network Insights - or how to destroy a useful service Job Snijders (May 15)
- Re: Cisco Crosswork Network Insights - or how to destroy a useful service Mann, Jason via NANOG (May 15)
- Re: Cisco Crosswork Network Insights - or how to destroy a useful service Job Snijders (May 15)
- Re: Cisco Crosswork Network Insights - or how to destroy a useful service hank (May 15)
- Re: Cisco Crosswork Network Insights - or how to destroy a useful service Mike Hammett (May 15)
- Message not available
- Re: Cisco Crosswork Network Insights - or how to destroy a useful service Patrick McEvilly (May 15)
- Re: Cisco Crosswork Network Insights - or how to destroy a useful service Douglas C. Stephens via NANOG (May 15)