nanog mailing list archives

RE: YouTube IP Hijacking

From: "Tomas L. Byrnes" <tomb () byrneit net>
Date: Sun, 24 Feb 2008 20:38:29 -0800


Not if only trusted peers are allowed to advertise to that AS. It's the
same mechanism proposed for blackholing on destination to dampen DOS a
while back, except it is to prevent hijacking, and therefore doesn't run
afoul of the AT&T patent (and now the prior art for this is in the
public domain).

It's also something that can be built using the existing infrastructure,
and rough consensus.

-----Original Message-----
From: Owen DeLong [mailto:owen () delong com] 
Sent: Sunday, February 24, 2008 8:25 PM
To: Tomas L. Byrnes
Cc: Simon Lockhart; Michael Smith; neil.fenemor () fx net nz; 
will () harg net; nanog () merit edu
Subject: Re: YouTube IP Hijacking


On Feb 24, 2008, at 2:14 PM, Tomas L. Byrnes wrote:


I figured as much, but it was worth a try.

Which touches on the earlier discussion of the null routing of /32s 
advertised by a special AS (as a means of black-holing DDOS

traffic).


It seems to me that a more immediately germane matter regarding BGP 
route propagation is prevention of hijacking of critical routes.

Perhaps certain ASes that are considered "high priority",

like Google,

YouTube, Yahoo, MS (at least their update servers), can be

trusted to

propagate routes that are not aggregated/filtered, so as to

give them

control over their reachability and immunity to longer-prefix 
hijacking (especially problematic with things like MS update sites).

That's just inviting the injection of forged AS routes to 
commit abuse.

Owen

-----Original Message-----
From: Simon Lockhart [mailto:simon () slimey org]
Sent: Sunday, February 24, 2008 2:07 PM
To: Tomas L. Byrnes
Cc: Michael Smith; neil.fenemor () fx net nz; will () harg net; 
nanog () merit edu
Subject: Re: YouTube IP Hijacking

On Sun Feb 24, 2008 at 01:49:00PM -0800, Tomas L. Byrnes wrote:

Which means that, by advertising routes more specific

than the ones

they are poisoning, it may well be possible to restore universal 
connectivity to YouTube.


Well, if you can get them in there.... Youtube tried that,

to restore

service to the rest of the world, and the announcements didn't 
propogate.

Simon

Current thread:

Re: YouTube IP Hijacking, (continued)
- - - Re: YouTube IP Hijacking Jeroen Massar (Feb 26)
    - RE: YouTube IP Hijacking michael.dillon (Feb 26)
    - Re: YouTube IP Hijacking Dave Pooser (Feb 26)
    - RE: YouTube IP Hijacking Tomas L. Byrnes (Feb 26)
    - Re: YouTube IP Hijacking Dave Pooser (Feb 26)
    - RE: YouTube IP Hijacking Steve Gibbard (Feb 26)
    - Re: YouTube IP Hijacking Danny McPherson (Feb 26)
    - Re: YouTube IP Hijacking brett watson (Feb 26)
    - Re: YouTube IP Hijacking Stephane Bortzmeyer (Feb 26)
    - Re: YouTube IP Hijacking Owen DeLong (Feb 24)
    - RE: YouTube IP Hijacking Tomas L. Byrnes (Feb 24)
    - Re: YouTube IP Hijacking Rick Astley (Feb 24)
    - Re: YouTube IP Hijacking Simon Leinen (Feb 26)
    - Re: YouTube IP Hijacking sthaug (Feb 24)
  - RE: YouTube IP Hijacking Campbell, Alex (Feb 24)
- RE: YouTube IP Hijacking Paul Ferguson (Feb 24)
  - Re: YouTube IP Hijacking Daniel Roesen (Feb 24)
- Re: YouTube IP Hijacking Paul Ferguson (Feb 24)
  - RE: YouTube IP Hijacking Paul Stewart (Feb 24)
    - Re: YouTube IP Hijacking Jason (Feb 24)
    - RE: YouTube IP Hijacking Paul Stewart (Feb 25)

(Thread continues...)