nanog mailing list archives

Re: Newbie x Cisco IOS-XR x ROV: BCP to not harassing peer(s)

From: Max Tulyev <maxtul () netassist ua>
Date: Mon, 23 May 2022 19:03:43 +0300

15.05.22 00:19, Nick Hilliard пише:

a malicious actor will spoof the origin AS. The aim of RPKI to helpstop mis-origination of prefixes, and the root cause of most of this isaccidental.

To make a working hijack of the routed prefix (for sniffing traffic,DDoS or something similar), you have to announce a more specificprefix(es). It can be denied by RPKI.

If you signed RPKI prefix is still unannounced - yes, somebody canhijack it by forging the origin ASN - that's quite easy.

Current thread:

RE: Newbie x Cisco IOS-XR x ROV: BCP to not harassing peer(s) Jakob Heitz (jheitz) via NANOG (May 12)
- Re: Newbie x Cisco IOS-XR x ROV: BCP to not harassing peer(s) Mark Tinka (May 12)
- Re: Newbie x Cisco IOS-XR x ROV: BCP to not harassing peer(s) Saku Ytti (May 13)
  - RE: Newbie x Cisco IOS-XR x ROV: BCP to not harassing peer(s) Jakob Heitz (jheitz) via NANOG (May 13)
    - Re: Newbie x Cisco IOS-XR x ROV: BCP to not harassing peer(s) Mark Tinka (May 13)
    - Re: Newbie x Cisco IOS-XR x ROV: BCP to not harassing peer(s) Saku Ytti (May 14)
    - RE: Newbie x Cisco IOS-XR x ROV: BCP to not harassing peer(s) Jakob Heitz (jheitz) via NANOG (May 15)
    - Re: Newbie x Cisco IOS-XR x ROV: BCP to not harassing peer(s) Hank Nussbacher (May 14)
    - Re: Newbie x Cisco IOS-XR x ROV: BCP to not harassing peer(s) Nick Hilliard (May 14)
    - Re: Newbie x Cisco IOS-XR x ROV: BCP to not harassing peer(s) Max Tulyev (May 24)
    - Re: Newbie x Cisco IOS-XR x ROV: BCP to not harassing peer(s) Saku Ytti (May 24)
    - Re: Newbie x Cisco IOS-XR x ROV: BCP to not harassing peer(s) Randy Bush (May 14)
- <Possible follow-ups>
- RE: Newbie x Cisco IOS-XR x ROV: BCP to not harassing peer(s) Jakob Heitz (jheitz) via NANOG (May 24)
  - Re: Newbie x Cisco IOS-XR x ROV: BCP to not harassing peer(s) Geoff Huston (May 24)