> On 25 May 2022, at 5:45 am, Jakob Heitz (jheitz) via NANOG <nanog@nanog.org> > wrote: > > This attack will work very well until the victim starts advertising > its prefix. The victim may not notice the fake advertisement because the fake > advertisement will not reach the victim AS due to AS-path loop checking.
Often the best forms of attack are ones that are scoped in locality. Advertising the same prefix from a different location in BGP may create a localised preference to follow the synthesised route which is not visible everywhere. Sometimes this is exactly what the attacker wants to achieve. Geoff