[102672] in North American Network Operators' Group
RE: YouTube IP Hijacking
daemon@ATHENA.MIT.EDU (Paul Ferguson)
Sun Feb 24 17:49:26 2008
From: "Paul Ferguson" <fergdawg@netzero.net>
Date: Sun, 24 Feb 2008 22:41:26 GMT
To: tomb@byrneit.net
Cc: nanog@merit.edu
Errors-To: owner-nanog@merit.edu
-- "Tomas L. Byrnes" <tomb@byrneit.net> wrote:
>It seems to me that a more immediately germane matter regarding BGP
>route propagation is prevention of hijacking of critical routes.
>
The best you can _probably_ hope for is a opt-in mechanism in
which you are alerted that prefixes you have "registered" with the
aforementioned system are being originated by an ASN which is not
authorized to originate them.
A lot of smart folks have given some thought to this exact issue,
and perhaps one of the best examples of this is:
"PHAS: A Prefix Hijack Alert System"
Mohit Lad, Dan Massey, Dan Pei, Yiguo Wu, Beichuan Zhang, and
Lixia Zhang
Proceedings of 15th USENIX Security Symposium 2006
http://www.cs.ucla.edu/~mohit/cameraReady/ladSecurity06.pdf
- ferg
--
"Fergie", a.k.a. Paul Ferguson
Engineering Architecture for the Internet
fergdawg(at)netzero.net
ferg's tech blog: http://fergdawg.blogspot.com/
