Home page logo

nanog logo nanog mailing list archives

Re: Regarding smaller prefix for hijack protection
From: Arturo Servin <arturo.servin () gmail com>
Date: Thu, 30 Aug 2012 10:08:01 -0400

        Or better.

        Sign your prefixes and create ROAs to monitor any suspicious activity.

        There is an app for that:

Besides the normal service you can use also RPKI data to trigger alarms of possible hijacks

You can query periodically with a simple curl/wget to see if your prefix is valid or invalid (possibly hijacked), e.g. 

        Polluting the routing table to protect against hijacks should be the last option and against an attack that is 
happening, and not for "just in case".


On 30 Aug 2012, at 08:00, Suresh Ramasubramanian wrote:

You might find your /24 routes filtered out at a lot of places that do
have sensible route filtering

But then yes, it'd protect you against the idiots who dont know bgp
from a hole in the ground anyway and let whatever hijacking happen

But I'd suggest do whatever such announcement if and only if you see a
hijack, as a mitigation measure.

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]