[AusNOG] BGP injection / IP Hijacking / Peer Trust

Sean K. Finn Sean.Finn at ozservers.com.au
Thu Aug 28 11:28:26 EST 2008


Hi All,

http://blog.wired.com/27bstroke6/2008/08/revealed-the-in.html

There seems to be some publicity about hijacking other's IP ranges with BGP to snoop/sniff/intercept traffic.

Now, of course this is a known thing, and thankfully doesn't happen too much in Australia, but I've noticed one thing from the flamewar that starts with the comments at the end of this  article.

It appears that one can rent a server or two, link into peering fabric at several points in the U.S, and announce just about anyone's range to intercept traffic then re-broadcast it.
Effectively placing themselves inside a trusted portion of the network where no filtering on announcements is done

When the Big G, Google, presented at AUSNOG2 and stated that they were looking to form unilateral peering and declined to comment on multilateral peering, and suddenly, after reading this article, it began to make sense.

Do you trust your PEERS at a multi-lateral peering point? Obviously for some, the answer is no.

Thankfully here in Aus most players know most other players that are peering or announcing on WAIX, PIPE, Equinix etc, so it's not such a big deal with random elements hooking in and sniffing our traffic if they manage to be able to advertise our IP ranges.

My question / comments / ponderings to the list are really

-What's more trustworthy, a carrier unilateral peering relationship, unilateral peering, multilateral peering.

If Multilateral peering is shaping up to being such a trust issue, does anyone have any comment or suggestions on how we can *maintain* the trust of the current state of peering in Australia so that we are not affected by this scourge in the future?

I'm just throwing it out there.

Cheers,
Sean K Finn.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20080828/0ca8174e/attachment.html>


More information about the AusNOG mailing list