Routing Insecurity (Re: BGP in the Washington Post)

• Previous message (by thread): Routing Insecurity (Re: BGP in the Washington Post)
• Next message (by thread): Routing Insecurity (Re: BGP in the Washington Post)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, Jun 1, 2015 at 8:21 AM, Mark Tinka <mark.tinka at seacom.mu> wrote:

>
>
> On 1/Jun/15 17:04, Mike Hammett wrote:
> > Actually, that's the level of attention given to all kinds of
> infrastructure just about everywhere. ;-)
>
> The difference is that there are standardized (global) guidelines for
> those infrastructures within their own industry, that lack of compliance
> can lead to serious fines, jail time or both.
>
> A network operator unmaliciously screwing up their BGP configuration and
> taking one side of a continent out is unlikely to see any punishment
> beyond being fired by his employer, or losing his customers if
> self-employed.
>
> Mark.
>


Also, the internet usually works pretty good-ish and the janitors clean up
the messes pretty quick-ish.

That said, i believe the BGP situation is completely hygienic relative to
the DDoS issues going on that could be solved by BCP38 and otherwise fixing
poorly admin'd DNS, NTP, CHARGEN, and SSDP nodes.  The aforementioned
janitors are pretty powerless on this front... and... various parties on
all side are looking to cash in (booters on one side, web scrubbers on the
other)... which is a very dangerous arms race with real money on both sides
looking to escalate the harm / fix.

CB

• Previous message (by thread): Routing Insecurity (Re: BGP in the Washington Post)
• Next message (by thread): Routing Insecurity (Re: BGP in the Washington Post)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]