community real-time BGP hijack notification service

• Previous message (by thread): community real-time BGP hijack notification service
• Next message (by thread): community real-time BGP hijack notification service
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 13/09/2008, at 1:14 AM, Christian Koch wrote:

> Maybe a better idea would be if you were able to input your origin asn
> and define your upstreams and/or peers, to be alerted on as well. (ie:
> Do not alert me on any paths containing  123_000, 456_000, 789_000).


Again, that is trivially easy to falsify.

My best quick hack solution so far is to fire off a traceroute and  
make sure that the traceroute gets ICMP TTL expire messages from IP  
addresses that are in prefixes originated from all the ASes in the  
ASPATH.
Still forgeable, but a bit more difficult.. still far from perfect  
though.

--
Nathan Ward

• Previous message (by thread): community real-time BGP hijack notification service
• Next message (by thread): community real-time BGP hijack notification service
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]