Newbie x Cisco IOS-XR x ROV: BCP to not harassing peer(s)

• Previous message (by thread): Newbie x Cisco IOS-XR x ROV: BCP to not harassing peer(s)
• Next message (by thread): Newbie x Cisco IOS-XR x ROV: BCP to not harassing peer(s)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

15.05.22 00:19, Nick Hilliard пише:
> a malicious actor will spoof the origin AS.  The aim of RPKI to help 
> stop mis-origination of prefixes, and the root cause of most of this is 
> accidental.

To make a working hijack of the routed prefix (for sniffing traffic, 
DDoS or something similar), you have to announce a more specific 
prefix(es). It can be denied by RPKI.

If you signed RPKI prefix is still unannounced - yes, somebody can 
hijack it by forging the origin ASN - that's quite easy.

• Previous message (by thread): Newbie x Cisco IOS-XR x ROV: BCP to not harassing peer(s)
• Next message (by thread): Newbie x Cisco IOS-XR x ROV: BCP to not harassing peer(s)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]