[102694] in North American Network Operators' Group
Re: YouTube IP Hijacking
daemon@ATHENA.MIT.EDU (Steven M. Bellovin)
Mon Feb 25 00:46:28 2008
Date: Mon, 25 Feb 2008 05:31:48 +0000
From: "Steven M. Bellovin" <smb@cs.columbia.edu>
To: nanog@merit.edu
In-Reply-To: <4B1EF521-7843-4429-819F-1F6BD18071A5@ianai.net>
Errors-To: owner-nanog@merit.edu
On Sun, 24 Feb 2008 20:42:51 -0500
"Patrick W. Gilmore" <patrick@ianai.net> wrote:
> > 4: With state of the art security and operations.
>
> I think we agree, but I wouldn't have said it like that.
>
How about state-of-the-art routing security?
Seriously -- a number of us have been warning that this could happen.
More precisely, we've been warning that this could happen *again*; we
all know about many older incidents, from the barely noticed to the very
noisy. (AS 7007, anyone?) Something like S-BGP will stop this cold.
Yes, I know there are serious deployment and operational issues. The
question is this: when is the pain from routing incidents great enough
that we're forced to act? It would have been nice to have done
something before this, since now all the world's script kiddies have
seen what can be done.
--Steve Bellovin, http://www.cs.columbia.edu/~smb
