celebrating 10 years of routing insecurity
job at ntt.net
Fri Aug 10 12:30:38 UTC 2018
Today marks the 10th anniversary of the famous Kapela-Pilosov
Man-in-the-middle BGP attack! It is a fantastic and innovative attack
that would be worthy of referencing in the next Mr Robot season. :-)
So, what is the state of routing security anno 2018?
It seems that as an industry we're on an upwards trajectory: various IRR
registries are locking themselves down to prevent creation of
unauthorized route(6) objects, new filter generation tools are becoming
available, RPKI based BGP Origin Validation is slowly seeing more and
more deployment, and the concept of blocking route announcements with
improbable AS_PATHs is gaining popularity as well.
Let's see where we are 10 years from now!
More information about the NANOG