[lacnog] Fwd: What to do about BGP Hijacks
Carlos M. Martinez
carlosm3011 en gmail.com
Mar Dic 19 11:46:03 BRST 2017
> From: Job Snijders <job en ntt.net>
> To: nanog en nanog.org
> Subject: What to do about BGP Hijacks
> Date: Thu, 14 Dec 2017 05:45:57 +0000
> Some carriers view measures to improve routing security as a
> rather than as a safeguard to enable business. The BGP protocol itself
> no inherent safety mechanisms, so the network operator has to ensure
> adequate layers of protection are implemented on the boundary between
> own network and the Internet.
> Normalcy bias may play a role, I see carriers target short term gain
> heavily relying on the assumption that there will never be any
> misconfigurations or malicious attacks. Of course yesterday’s
> shows otherwise.
> For many networks the topic of routing security becomes a priority,
> after they've suffered the consequences of an incident.
> In the long term, the best way to protect against this type of BGP
> hijacking is to require your connectivity suppliers to implement
> security measures. Also require full incident reports after BGP
> through your provider or IXP have been observed.
> The moment it becomes socially unacceptable to operate an Internet
> without adequate protections in place, there is economic incentive to
> routing security efforts as a competitive advantage rather than a
> Consider voting with your wallet, this applies to both IP transit
> and IXP route server operators. Ask your suppliers what they are doing
> prevent BGP hijacks.
> Ars Technica has a great write-up on the latest BGP hijacking
> This MANRS article is on point as well:
> Kind regards,
Más información sobre la lista de distribución LACNOG