This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/[email protected]/
[routing-wg] Prefix hijacking possibility
- Previous message (by thread): [routing-wg] Prefix hijacking possibility
- Next message (by thread): [routing-wg] Implementation of "pingable:" attribute in the RIPE Database
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Randy Bush
randy at psg.com
Mon Feb 21 00:47:20 CET 2011
> In the most cases of real hijacks I know, the origin was the real ASN of > the prefix. It is easy, like this (cisco style): > > router bgp $EVIL_AS > network $TARGET_SITE_IP/24 route-map INSERT_ASN > ... > route-map INSERT_ASN permit 1 > set as-path prepend $TARGET_SITE_ASN for *real* attacks, yes. but 99% of mis-announcements are fat fingers, and do not have the correct asn in the origin. > If you need to fight with the hijacks, you SURE need to check and filter > the WHOLE chain of route. agree completely. see new sidr wg charter randy
- Previous message (by thread): [routing-wg] Prefix hijacking possibility
- Next message (by thread): [routing-wg] Implementation of "pingable:" attribute in the RIPE Database
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]