Re: community real-time BGP hijack notification service

• From: Nathan Ward
• Date: Sat Sep 13 03:58:36 2008

• List-archive: <http://mailman.nanog.org/pipermail/nanog>
• List-help: <mailto:[email protected]?subject=help>
• List-id: North American Network Operators Group <nanog.nanog.org>
• List-post: <mailto:[email protected]>
• List-subscribe: <http://mailman.nanog.org/mailman/listinfo/nanog>, <mailto:[email protected]?subject=subscribe>
• List-unsubscribe: <http://mailman.nanog.org/mailman/listinfo/nanog>, <mailto:[email protected]?subject=unsubscribe>

i am occasionally asked if there have been real bgp attacks (not slips).
the answer is, of course yes, but there are none which can be publicly
described. when bucks and embarrassment are involved, security through
obscurity seems to rule.

but tony and alex did us an enormous favor by publicly conducting such
an attack, see http://www.merit.edu/mailinglist/mailarchives/old_archive/msg10357.html

so, what i want to know is which, if any of the tools being discussed on
this thread *actually* did or could detect and/or mitigate the tony/ alex
defcon attack.

i appreciate the dozens of tools that detect and mitigate finger or
brain fumbles.  but those are not where the black hats are gonna go to
make the big bucks.

--
Nathan Ward

• References:
  • community real-time BGP hijack notification service Gadi Evron
  • Re: community real-time BGP hijack notification service Nathan Ward
  • Re: community real-time BGP hijack notification service Andy Davidson
  • Re: community real-time BGP hijack notification service Arnaud de Prelle
  • Re: community real-time BGP hijack notification service Matthew Moyle-Croft
  • Re: community real-time BGP hijack notification service Nathan Ward
  • Re: community real-time BGP hijack notification service Randy Bush

• Prev by Date: Re: community real-time BGP hijack notification service
• Next by Date: Re: New Intercage upstream
• Date Index
• Thread Index
• Author Index
• Historical