Revealed: The Internet's well known BGP behavior

Anton Kapela tkapela at
Thu Aug 28 10:16:16 CDT 2008

I thought I'd toss in a few comments, considering it's my fault that
few people are understanding this thing yet.

>> On Thu, Aug 28, 2008 at 2:28 PM, Gadi Evron <ge at> wrote:
>>> People (especially spammers) have been hijacking networks for a while

I'd like to 'clear the air' here. Clearly, I failed at Defcon, WIRED,
AFP, and Forbes.

We all know sub-prefix hijacking is not news. What is news? Using
as-path loop detection to selectively blackhole the hijacked route -
which creates a transport path _back to_ the target.

That's all it is, nothing more. All but the WIRED follow-up article
missed this point *completely.* They over-represented the 'hijacking'
aspects, while only making mention of the 'interception' potential.

Lets end this thread with the point I had intended two weeks ago:
we've presented a method by which all the theory spewed by academics
can be actualized in a real network (the big-I internet) to effect
interception of data between (nearly) arbitrary endpoints from
(nearly) any edge or stub AS. That, I think, is interesting.


More information about the NANOG mailing list