North American Network Operators Group|
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical
ISP's who where affected by the misconfiguration: start using IRR and checking your BGP updates (Was: YouTube IP Hijacking)
First the operational portion:
For all the affected network owners, please read and start using/implement one of the following excellent ideas:
* Pretty Good BGP and the Internet Alert Registry http://www.nanog.org/mtg-0606/pdf/josh-karlin.pdf
* PHAS: A Prefix Hijack Alert System http://irl.cs.ucla.edu/papers/originChange.pdf (A live/direct BGP-feed version of this would be neat)
* Routing Registry checking, as per the above two rr.arin.net & whois.ripe.net contains all the data you need Networks who are not in there are simply not important enough to exist on the internet as clearly those ops folks don't care about their network...
Of course there is also (S-)BGP(-S), but that will apparently never happen, and actually, with the a system like PGBGP or PHAS one already covers quite a bit of the issue, until a real hijacker just uses the original ASN. IRR data helps there partially though as it tends to have upstream/downstream information, but it doesn't cover all cases.
For the rest google(bgp monitor hijack) for a list of other things.
Now for the sillynesss....
<non-ops political blabla FUD>
Max Tulyev wrote:
Oh boy oh boy, I just have to comment on this :)
Wow, somebody with an email address like yours, especially the president and the .su bit are amusing, is commenting on another country doing 'tests'!? You might actually try keeping your bombers closer to the shores instead of trying to play chicken with the USS Nimitz :)
In Soviet Russia the Internet hijacks you?
Please folks, keep the posts operational :)
</non-ops political blabla FUD>