ISP's who where affected by the misconfiguration: start using IRR and checking your BGP updates (Was: YouTube IP Hijacking)

• Previous message (by thread): YouTube IP Hijacking
• Next message (by thread): ISP's who where affected by the misconfiguration: start using IRR and checking your BGP updates (Was: YouTube IP Hijacking)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

First the operational portion:

For all the affected network owners, please read and start 
using/implement one of the following excellent ideas:

* Pretty Good BGP and the Internet Alert Registry
   http://www.nanog.org/mtg-0606/pdf/josh-karlin.pdf

* PHAS: A Prefix Hijack Alert System
   http://irl.cs.ucla.edu/papers/originChange.pdf
   (A live/direct BGP-feed version of this would be neat)

* Routing Registry checking, as per the above two
   rr.arin.net & whois.ripe.net contains all the data you need
   Networks who are not in there are simply not important enough to
   exist on the internet as clearly those ops folks don't care about
   their network...

Of course there is also (S-)BGP(-S), but that will apparently never 
happen, and actually, with the a system like PGBGP or PHAS one already 
covers quite a bit of the issue, until a real hijacker just uses the 
original ASN. IRR data helps there partially though as it tends to have 
upstream/downstream information, but it doesn't cover all cases.


For the rest google(bgp monitor hijack) for a list of other things.

Now for the sillynesss....

<non-ops political blabla FUD>

Max Tulyev wrote:
> 
> I think it was NOT a typo. This was a test, much more important test for 
> this world than last american anti-satellite missile.
> 
> And if they do it again with more mind, site will became down for a 
> weeks at least... More of that, if big national telecom operator did it 
> and have neighbors to filter them out - it can lead to global split of 
> the network.
> 
> Of course, it should be happened early or late with THIS design of the 
> Network.

Oh boy oh boy, I just have to comment on this :)

Wow, somebody with an email address like yours, especially the president 
and the .su bit are amusing, is commenting on another country doing 
'tests'!? You might actually try keeping your bombers closer to the 
shores instead of trying to play chicken with the USS Nimitz :)

http://www.upi.com/NewsTrack/Top_News/2008/02/11/russian_bomber_buzzes_nimitz/5914/

In Soviet Russia the Internet hijacks you?

Please folks, keep the posts operational :)

</non-ops political blabla FUD>

Greets,
  Jeroen

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 187 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20080224/e4da33b4/attachment.sig>

• Previous message (by thread): YouTube IP Hijacking
• Next message (by thread): ISP's who where affected by the misconfiguration: start using IRR and checking your BGP updates (Was: YouTube IP Hijacking)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]