nanog mailing list archives
Re: YouTube IP Hijacking
From: "Scott Francis" <darkuncle () gmail com>
Date: Mon, 25 Feb 2008 03:26:57 -0800
On Sun, Feb 24, 2008 at 10:49 PM, Sean Donelan <sean () donelan com> wrote:
On Mon, 25 Feb 2008, Steven M. Bellovin wrote: > How about state-of-the-art routing security? The problem is what is the actual trust model? Are you trusting some authority to not be malicious or never make a mistake? There are several answers to the malicious problem. There are fewer answers to never making a mistake problem.
[snip] +5, Insightful. The focus thus far seems to have been on establishing security on the basis of trusted senders (SPF for BGP, if you'll pardon my rather crude analogy). The impact of a mistake-based failure in a trusted scenario could actually be quite a bit higher than what we've seen thus far: 1) if data (e.g. routes) from a "trusted" source is allowed into a network (or used as a basis for decision-making) with minimal screening, attackers will immediately shift focus to spoofing trusted sources, just as they currently do in other scenarios; 2) the impact of a typo or other operator error when operating in "trusted mode" is much higher than that of mistakes from non-trusted sources (if 17557's upstream had trusted a little less - by not automatically propagating any new routes that showed up at the front door - the current incident could very well have amounted to little more than a log entry somewhere, and perhaps an email). I think what you and Steve Bellovin had to say about anti-mistake protocol and belt-and-suspenders should be garnering at least as much consideration as prevention of malicious attacks/forgeries/etc., considering the percentage of outages caused by operator error vs those caused by malice ... -- darkuncle@{gmail.com,darkuncle.net} || 0x5537F527 http://darkuncle.net/pubkey.asc for public key
Current thread:
- Re: YouTube IP Hijacking, (continued)
- Re: YouTube IP Hijacking Jim Mercer (Feb 25)
- RE: YouTube IP Hijacking michael.dillon (Feb 25)
- Re: YouTube IP Hijacking JC Dill (Feb 26)
- Re: YouTube IP Hijacking Steven M. Bellovin (Feb 24)
- Re: YouTube IP Hijacking Patrick W. Gilmore (Feb 24)
- Re: YouTube IP Hijacking Sean Donelan (Feb 24)
- Re: YouTube IP Hijacking Steven M. Bellovin (Feb 25)
- Secure BGP (Was: YouTube IP Hijacking) michael.dillon (Feb 25)
- Re: Secure BGP (Was: YouTube IP Hijacking) Jeroen Massar (Feb 25)
- Re: Secure BGP (Was: YouTube IP Hijacking) Sandy Murphy (Feb 25)
- Re: YouTube IP Hijacking Scott Francis (Feb 25)
- Re: YouTube IP Hijacking Hank Nussbacher (Feb 25)
- Re: YouTube IP Hijacking Patrick W. Gilmore (Feb 25)
- RE: YouTube IP Hijacking Tomas L. Byrnes (Feb 25)
- Re: YouTube IP Hijacking Josh Karlin (Feb 25)
- [admin] [summary] RE: YouTube IP Hijacking Alex Pilosov (Feb 25)
- Re: [admin] [summary] RE: YouTube IP Hijacking Danny McPherson (Feb 25)
- Re: [admin] [summary] RE: YouTube IP Hijacking Alex Pilosov (Feb 25)
- Re: [admin] [summary] RE: YouTube IP Hijacking Danny McPherson (Feb 25)
- Re: [admin] [summary] RE: YouTube IP Hijacking Danny McPherson (Feb 25)
- RE: [admin] [summary] RE: YouTube IP Hijacking Barry Greene (bgreene) (Feb 25)