[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
questions regarding prefix hijacking
- Subject: questions regarding prefix hijacking
- From: marka at isc.org (Mark Andrews)
- Date: Thu, 08 Aug 2013 10:20:21 +1000
- In-reply-to: Your message of "Wed, 07 Aug 2013 02:03:45 -0700." <CANQy6Fb2cv+bdtaz7LVx0G_D0FbxJYqSr=ki5Hfm_9QOum1cnw@mail.gmail.com>
- References: <CAJx5YvFPgJwM_hSVdPhEAc3oOjyiNLGNCi=Zo=pX_WPB8UnwHA@mail.gmail.com> <[email protected]> <CANQy6Fb2cv+bdtaz7LVx0G_D0FbxJYqSr=ki5Hfm_9QOum1cnw@mail.gmail.com>
In message <CANQy6Fb2cv+bdtaz7LVx0G_D0FbxJYqSr=ki5Hfm_9QOum1cnw at mail.gmail.com>
, Paul Ferguson writes:
> On Wed, Aug 7, 2013 at 1:58 AM, Saku Ytti <saku at ytti.fi> wrote:
>
> > On (2013-08-07 11:20 +0300), Martin T wrote:
> >
> >> on Internet? Has there been such situations in history? Isn't there a
> >> method against such hijacking? Or have I misunderstood something and
> >> this isn't possible?
> >
> > Certainly practical scenario, but in many cases not needed at all. In most
> > cases upstream does not do any automatic prefix filter generation, it's
> > maybe somewhat popular in mid-sized european shops but generally not too
> > common.
> >
> > There is active on-going work to secure BGP and you may want to read up on
> > 'RPKI' which is further along that track.
> >
>
> I hope it has better adoption than BCP38/BCP84. :-)
SIDR should help with BCP38/BCP84 as it allows correct filters to
be securely built.
Mark
> - ferg
>
> --
> "Fergie", a.k.a. Paul Ferguson
> fergdawgster(at)gmail.com
>
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: marka at isc.org