'Re: Real-time BGP hijacking detection: ARTEMIS-1.0.0 just released'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       nanog
Subject:    Re: Real-time BGP hijacking detection: ARTEMIS-1.0.0 just released
From:       Hank Nussbacher <hank () efes ! iucc ! ac ! il>
Date:       2018-12-22 15:51:18
Message-ID: 532fd755-ed75-cbfc-d640-7415c4454c95 () efes ! iucc ! ac ! il
[Download RAW message or body]

On 21/12/2018 17:10, Jared Mauch wrote:

So expect now BGP hijackers to announce /25s from here on in.   They 
generally adopt BCPs faster than providers.

-Hank

> Folks have studied announcing a /25 etc.. and it can help because many providers \
> will accept them.. it won't get everyone, but longer than /24 prefixes do help. 
> - Jared
> 
> > On Dec 21, 2018, at 10:07 AM, Kody Vicknair <kvicknair@reservetele.com> wrote:
> > 
> > I'm curious, If the highjacked prefix is a /24 (subset of your much larger /22) \
> > and you can only tie the highjacked prefix, at that point how effective is the \
> > mitigation outside of a default bgp route selection process? 
> > 
> > 
> > 
> > 
> > 
> > -----Original Message-----
> > From: NANOG [mailto:nanog-bounces@nanog.org] On Behalf Of Vasileios Kotronis
> > Sent: Thursday, December 20, 2018 11:23 AM
> > To: nanog@nanog.org
> > Subject: Real-time BGP hijacking detection: ARTEMIS-1.0.0 just released
> > 
> > Dear operators,
> > 
> > FORTH's INSPIRE group and CAIDA are delighted to announce the public release of \
> > the ARTEMIS BGP prefix hijacking detection tool, available as open-source \
> > software at https://github.com/FORTH-ICS-INSPIRE/artemis 
> > ARTEMIS is designed to be operated by an AS in order to monitor BGP for potential \
> > hijacking attempts against its own prefixes. The system detects such attacks \
> > within seconds, enabling immediate mitigation. The current release has been \
> > tested at a major greek ISP, a dual-homed edge academic network, and a major US \
> > R&E backbone network. 
> > We would be happy if you'd give it a try and provide feedback. Feel free to make \
> > pull requests on GitHub and help us make this a true community project. 
> > ARTEMIS is funded by European Research Council (ERC) grant agreement no.
> > 338402 (NetVolution Project), the RIPE NCC Community Projects 2017, the Comcast \
> > Innovation Fund, US NSF grants OAC-1848641 and CNS-1423659 and US DHS S&T \
> > contract HHSP233201600012C. 
> > Best regards,
> > Vasileios
> > 
> > --
> > =======================================
> > Vasileios Kotronis
> > Postdoctoral Researcher, member of the INSPIRE Group INSPIRE = INternet Security, \
> > Privacy, and Intelligence REsearch Telecommunications and Networks Lab (TNL) \
> > Foundation for Research and Technology - Hellas (FORTH) Leoforos Plastira 100, \
> >                 Heraklion 70013, Greece e-mail : vkotronis@ics.forth.gr
> > url: http://inspire.edu.gr
> > =======================================
> > 
> > 
> > 
> > 
> > 
> > 


[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic