North American Network Operators Group
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: YouTube IP Hijacking

  • From: Hank Nussbacher
  • Date: Mon Feb 25 03:19:36 2008

At 05:31 AM 25-02-08 +0000, Steven M. Bellovin wrote:

Seriously -- a number of us have been warning that this could happen.
More precisely, we've been warning that this could happen *again*; we
all know about many older incidents, from the barely noticed to the very
noisy.  (AS 7007, anyone?)  Something like S-BGP will stop this cold.

Yes, I know there are serious deployment and operational issues.  The
question is this: when is the pain from routing incidents great enough
that we're forced to act?  It would have been nice to have done
something before this, since now all the world's script kiddies have
seen what can be done.

"we've been warning that this could happen *again*" - this is happening every day - just look to:
http://cs.unm.edu/~karlinjf/IAR/prefix.php?filter=most
http://cs.unm.edu/~karlinjf/IAR/subprefix.php?filter=most
for samples. Thing is - these prefix hijacks are not big ticket sites like Youtube or Microsoft or Cisco or even whitehouse.gov - but rather just sites that never make it onto the NANOG radar.

-Hank