community real-time BGP hijack notification service

Nathan Ward nanog at
Sat Sep 13 02:58:21 CDT 2008

On 13/09/2008, at 7:21 PM, Randy Bush wrote:

> i am occasionally asked if there have been real bgp attacks (not  
> slips).
> the answer is, of course yes, but there are none which can be publicly
> described.  when bucks and embarrassment are involved, security  
> through
> obscurity seems to rule.
> but tony and alex did us an enormous favor by publicly conducting such
> an attack, see
> so, what i want to know is which, if any of the tools being  
> discussed on
> this thread *actually* did or could detect and/or mitigate the tony/ 
> alex
> defcon attack.
> i appreciate the dozens of tools that detect and mitigate finger or
> brain fumbles.  but those are not where the black hats are gonna go to
> make the big bucks.

Yep, that was my point before.

My concern is that unless there is big bold text saying that it's not  
a solution, and then reference to longer optional text for those that  
care about why, people will get a false sense of security.

Nathan Ward

More information about the NANOG mailing list