[102701] in North American Network Operators' Group
Re: YouTube IP Hijacking
daemon@ATHENA.MIT.EDU (Hank Nussbacher)
Mon Feb 25 03:09:22 2008
Date: Mon, 25 Feb 2008 09:32:49 +0200
To: "Steven M. Bellovin" <smb@cs.columbia.edu>, nanog@merit.edu
From: Hank Nussbacher <hank@efes.iucc.ac.il>
In-Reply-To: <20080225053148.326ba730@cs.columbia.edu>
Errors-To: owner-nanog@merit.edu
At 05:31 AM 25-02-08 +0000, Steven M. Bellovin wrote:
>Seriously -- a number of us have been warning that this could happen.
>More precisely, we've been warning that this could happen *again*; we
>all know about many older incidents, from the barely noticed to the very
>noisy. (AS 7007, anyone?) Something like S-BGP will stop this cold.
>
>Yes, I know there are serious deployment and operational issues. The
>question is this: when is the pain from routing incidents great enough
>that we're forced to act? It would have been nice to have done
>something before this, since now all the world's script kiddies have
>seen what can be done.
"we've been warning that this could happen *again*" - this is happening
every day - just look to:
http://cs.unm.edu/~karlinjf/IAR/prefix.php?filter=most
http://cs.unm.edu/~karlinjf/IAR/subprefix.php?filter=most
for samples. Thing is - these prefix hijacks are not big ticket sites like
Youtube or Microsoft or Cisco or even whitehouse.gov - but rather just
sites that never make it onto the NANOG radar.
-Hank
