[164782] in North American Network Operators' Group


BGP related question

daemon@ATHENA.MIT.EDU (Shah, Parthiv)
Thu Aug 1 11:24:34 2013

From: "Shah, Parthiv" <Parthiv.Shah@theclearinghouse.org>
To: "nanog@nanog.org" <nanog@nanog.org>
Date: Thu, 1 Aug 2013 10:00:02 -0400
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org

My apologies if I am asking a repeat question on the list. On 7/29/13 I read about an incident involving an accidental BGP broadcast (see the article here: https://isc.sans.edu/diary/BGP+multiple+banking+addresses+hijacked/16249) or the older 2008 incident: http://www.renesys.com/2008/02/pakistan-hijacks-youtube-1/

My questions:


1) I would like to understand how we can detect and potentially prevent activities like this. I understand native BGP was not designed to authenticate IP owners to the BGP broadcaster. Therefore, issues like this due to human error would happen. How can activities like this be detected, as this is clearly a threat if someone decides to broadcast IP networks of an organization and knock the real org. off the Net?

2) In reference to prevention, I recall there were discussions about secure BGP (S-BGP), Pretty Good BGP, or Secure Original BGP, but I don't remember if any one of them was finalized (from a practicality viewpoint) and if any one of them is implementable/enforceable by ISPs (does anyone have any insight)?

3) If I was to ask for an opinion, from your viewpoint which one is better and why, and which one is not doable and why not?

Thank you in advance,
Parthiv


