This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/mat-wg@ripe.net/
[mat-wg] Measuring IP address hijacking with RIPE Atlas?
- Previous message (by thread): [mat-wg] Measuring IP address hijacking with RIPE Atlas?
- Next message (by thread): [mat-wg] Measuring IP address hijacking with RIPE Atlas?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Richard Barnes
rbarnes at bbn.com
Thu Apr 18 17:43:05 CEST 2013
Maybe it could be set up on a voluntary basis, so that you would have to opt in to get hijack protection? That would also bound the scope of the measurements you would need, and make the fingerprinting simpler. Notional design 1. ISP that wants to be protected publishes an IP address and a public key for a test host 2. Probe node sends a packet to test host IP address with a nonce 3. Test host responds with signature over nonce 4. Probe node knows hijack is not happening if (1) Signature over nonce is valid under the public key, and (2) Latency is not significantly higher The signature would guarantee that the hijacker wouldn't be able to trivially fake responses. The latency check helps address the case where the hijacker can get real signatures from the real test host (e.g., via a peer). I went ahead and threw a prototype up on GitHub. Only 43 lines of python! <https://github.com/bifurcation/hijack-nonces> On Apr 18, 2013, at 10:21 AM, Randy Bush <randy at psg.com> wrote: >> When I talk about "behavior" I'm including everything under the >> umbrella of OS fingerprinting, network service fingerprinting, etc. > > some folk consider these invasive > > randy
- Previous message (by thread): [mat-wg] Measuring IP address hijacking with RIPE Atlas?
- Next message (by thread): [mat-wg] Measuring IP address hijacking with RIPE Atlas?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
[ mat-wg Archives ]