Regarding smaller prefix for hijack protection
arturo.servin at gmail.com
Thu Aug 30 14:08:01 UTC 2012
Sign your prefixes and create ROAs to monitor any suspicious activity.
There is an app for that:
Besides the normal service you can use also RPKI data to trigger alarms of possible hijacks
You can query periodically with a simple curl/wget to see if your prefix is valid or invalid (possibly hijacked), e.g. http://www.labs.lacnic.net/rpkitools/looking_glass/rest/all/cidr/126.96.36.199/23
Polluting the routing table to protect against hijacks should be the last option and against an attack that is happening, and not for "just in case".
On 30 Aug 2012, at 08:00, Suresh Ramasubramanian wrote:
> You might find your /24 routes filtered out at a lot of places that do
> have sensible route filtering
> But then yes, it'd protect you against the idiots who dont know bgp
> from a hole in the ground anyway and let whatever hijacking happen
> But I'd suggest do whatever such announcement if and only if you see a
> hijack, as a mitigation measure.
More information about the NANOG