[148669] in North American Network Operators' Group
Re: Argus: a hijacking alarm system
daemon@ATHENA.MIT.EDU (Yang Xiang)
Fri Jan 20 05:41:32 2012
In-Reply-To: <4F194029.7020105@unfix.org>
From: Yang Xiang <xiangy08@csnet1.cs.tsinghua.edu.cn>
Date: Fri, 20 Jan 2012 18:39:23 +0800
To: Jeroen Massar <jeroen@unfix.org>
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
_________________________________
Yang Xiang . about.me/xiangyang
Ph.D candidate. Tsinghua University
Argus: argus.csnet1.cs.tsinghua.edu.cn
2012/1/20 Jeroen Massar <jeroen@unfix.org>
> On 2012-01-20 10:47 , Yang Xiang wrote:
> > Hi,
> >
> > I build a system =91Argus=92 to real-timely alert prefix hijackings.
> > Argus monitors the Internet and discovers anomaly BGP updates which
> caused
> > by prefix hijacking.
> > When Argus discovers a potential prefix hijacking, it will advertise it
> in
> > a very short time,
> > both in our website (http://argus.csnet1.cs.tsinghua.edu.cn) and the
> > mailing list (argus@csnet1.cs.tsinghua.edu.cn).
>
> But the big question of 2012 [*] is: does it do IPv6.
>
> The last 99 anomalies don't show any info there.
>
Yes, it's only v4 now :(
But I'm trying to do so.
It needs enough (dozens of) public IPv6 router-servers to do the job.
Actually the system only need to execute 'ping6' and 'show ipv6 bgp' in the
IPv6 route-server.
Hope I can find enough v6 route-servers before Jun 6 :)
>
>
> Greets,
> Jeroen
>
>
> [*] We got a http://ipv6week.org/ and http://www.worldipv6launch.org/
> this year ;)
>
>
>
