community real-time BGP hijack notification service

Gadi Evron ge at linuxbox.org
Fri Sep 12 18:37:23 CDT 2008


On Fri, 12 Sep 2008, Heather Schiller wrote:
> Gadi Evron wrote:
>> On Fri, 12 Sep 2008, Skywing wrote:
>>> It might be useful to have an option to generate an example alert mail for 
>>> purposes of setting up necessary mail processing rules and that sort. 
>>> Just a thought.
>> 
>> Good point. Any suggestions from folks here on how they would like it to be 
>> built?
>> 
>
> Could you throw up a page that tells a little about what logic is used, what 
> you check, where you get feeds from and how often, so that people can 
> evaluate the differences between checkmy.net, phas, IRU and MYAsn?
>
> --Heather

I don't see why not. But whilw we take this very seriously and so 
release only when a phase is done, it is a free-time based project. 
Therefore, while we will definitely do so... I can't commit it will be 
very soon.

Much like other coders, while we appreciate documentation.. being very 
busy theorizing on what we already did will take some motivational coffee 
or a free evening. Comparing ourselves to other services... well, maybe 
some magazine will run a comperative testing. :)

 	Gadi.

>
>> 
>>> 
>>> - S
>>> 
>>> -----Original Message-----
>>> From: Gadi Evron [mailto:ge at linuxbox.org]
>>> Sent: Friday, September 12, 2008 3:13 PM
>>> To: Kevin Oberman
>>> Cc: nanog at merit.edu
>>> Subject: Re: community real-time BGP hijack notification service
>>> 
>>> On Fri, 12 Sep 2008, Kevin Oberman wrote:
>>>> Looks interesting, but it only takes a fairly short list of ASNs for a
>>>> prefix. For our big CIDR blocks, we have WAY too many ASNs to enter them
>>>> all, so it's pretty useless for me. I need to be able to enter at very
>>>> least a dozen ASes and I suspect may folks have a LOT more then that.
>>> 
>>> I am sure we can fix that, Thanks for the comment!
>>> 
>>>> For now, I'll enter some shorter pieces from the block, but I'm most
>>>> concerned with the pieces that are not currently assigned, so are
>>>> available for hijack. I have added the larger, unassigned blocks. I'll
>>>> start adding assigned bits and pieces as well as unassigned pieces, but
>>>> being able to put all valid origin ASes in the list for the full blocks
>>>> would be a lot nicer.
>>> 
>>> Please let us know if you encounter any issues.
>>> 
>>> 
>>>> -- 
>>>> R. Kevin Oberman, Network Engineer
>>>> Energy Sciences Network (ESnet)
>>>> Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab)
>>>> E-mail: oberman at es.net                        Phone: +1 510 486-8634
>>>> Key fingerprint:059B 2DDF 031C 9BA3 14A4  EADA 927D EBB3 987B 3751
>>>> 
>>> 
>>> 
>> 
>> 
>
>




More information about the NANOG mailing list