[prev in list] [next in list] [prev in thread] [next in thread]
List: nanog
Subject: Re: Real-time BGP hijacking detection: ARTEMIS-1.0.0 just released
From: Hank Nussbacher <hank () efes ! iucc ! ac ! il>
Date: 2018-12-22 15:51:18
Message-ID: 532fd755-ed75-cbfc-d640-7415c4454c95 () efes ! iucc ! ac ! il
[Download RAW message or body]
On 21/12/2018 17:10, Jared Mauch wrote:
So expect now BGP hijackers to announce /25s from here on in. They
generally adopt BCPs faster than providers.
-Hank
> Folks have studied announcing a /25 etc.. and it can help because many providers \
> will accept them.. it won't get everyone, but longer than /24 prefixes do help.
> - Jared
>
> > On Dec 21, 2018, at 10:07 AM, Kody Vicknair <kvicknair@reservetele.com> wrote:
> >
> > I'm curious, If the highjacked prefix is a /24 (subset of your much larger /22) \
> > and you can only tie the highjacked prefix, at that point how effective is the \
> > mitigation outside of a default bgp route selection process?
> >
> >
> >
> >
> >
> > -----Original Message-----
> > From: NANOG [mailto:nanog-bounces@nanog.org] On Behalf Of Vasileios Kotronis
> > Sent: Thursday, December 20, 2018 11:23 AM
> > To: nanog@nanog.org
> > Subject: Real-time BGP hijacking detection: ARTEMIS-1.0.0 just released
> >
> > Dear operators,
> >
> > FORTH's INSPIRE group and CAIDA are delighted to announce the public release of \
> > the ARTEMIS BGP prefix hijacking detection tool, available as open-source \
> > software at https://github.com/FORTH-ICS-INSPIRE/artemis
> > ARTEMIS is designed to be operated by an AS in order to monitor BGP for potential \
> > hijacking attempts against its own prefixes. The system detects such attacks \
> > within seconds, enabling immediate mitigation. The current release has been \
> > tested at a major greek ISP, a dual-homed edge academic network, and a major US \
> > R&E backbone network.
> > We would be happy if you'd give it a try and provide feedback. Feel free to make \
> > pull requests on GitHub and help us make this a true community project.
> > ARTEMIS is funded by European Research Council (ERC) grant agreement no.
> > 338402 (NetVolution Project), the RIPE NCC Community Projects 2017, the Comcast \
> > Innovation Fund, US NSF grants OAC-1848641 and CNS-1423659 and US DHS S&T \
> > contract HHSP233201600012C.
> > Best regards,
> > Vasileios
> >
> > --
> > =======================================
> > Vasileios Kotronis
> > Postdoctoral Researcher, member of the INSPIRE Group INSPIRE = INternet Security, \
> > Privacy, and Intelligence REsearch Telecommunications and Networks Lab (TNL) \
> > Foundation for Research and Technology - Hellas (FORTH) Leoforos Plastira 100, \
> > Heraklion 70013, Greece e-mail : vkotronis@ics.forth.gr
> > url: http://inspire.edu.gr
> > =======================================
> >
> >
> >
> >
> >
> >
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic