community real-time BGP hijack notification service

Andy Davidson andy at nosignal.org
Fri Sep 12 14:07:38 UTC 2008


On 12 Sep 2008, at 13:49, Nathan Ward wrote:

> On 12/09/2008, at 10:42 PM, Gadi Evron wrote:
>> Hi, WatchMy.Net is a new community service to alert you when your  
>> prefix
>> has been hijacked, in real-time.
> I just had a quick play with this, as I've been considering hacking  
> together something similar.

Everyone with any interest in this topic should look at the MyASN  
service from the RIPE NCC (which I use and think is brilliant).

http://www.ris.ripe.net/myasn.html

"
The MyASN service notifies network operators when a prefix is  
announced with an incorrect AS path. An AS path is seen as incorrect  
when it does not match with a regular expression. As not everyone is  
familiar with regular expressions, MyASN provides several easy ways to  
define typical checks, like "the origin of this prefix must be AS x"  
or "the origin of this prefix must be AS x and transit may be provided  
through y or z". However, as any AS path regular expression can be  
set, the MyASN service is suitable for regular expressions gurus as  
well.
"

To address Nathan's point, I recommend the RIPE service because for  
such a service to be ubiquitously useful, it needs to have many eyes  
(a view of routing tables at lots of points on the internet) which is  
where the very well peered situation of RIS comes into effect.  At the  
last RIPE meeting I think i saw RIS had over 600 peers, which it  
collects at internet exchange points all over the world.


best wishes
Andy




More information about the NANOG mailing list