.
https://arstechnica.com/information-technology/2018/11/major-bgp-mishap-takes-down-google-as-traffic-improperly-travels-to-china/
On Tue, Nov 13, 2018 at 3:16 PM Binh Lam wrote:
> Dear AusNOG..
>
> The latest News about route hijacked, again raises the concerns about
> potential route
On 13 Nov 2018, at 13:50, Paul Wilkins wrote:
> If RPKI only had the same chain of trust for in-addr.arpa as the rest
> of DNS does back to iana.
Strong route origin policies via RPKI, plus
draft-azimov-sidrops-aspa-verification-01 &
draft-ietf-grow-rpki-as-cones-00 are ultimately the way
What I think's interesting is that route filters are still the go to for
BGP authentication.
Nobody steals DNS to the degree of BGP, because DNS has solid PKI
authentication.
If RPKI only had the same chain of trust for in-addr.arpa as the rest of
DNS does back to iana.
Kind regards
Paul
On 13 Nov 2018, at 11:53, Binh Lam wrote:
> just to whom who provided critical infrastructures (ie, email, DNS
> hosting, cloud providers,
> online banking sites subnets, high profile sensitive online sites ,
> etc..)
This is both untenable and undesirable. Nor is Internet nor 'critical
On Tue, Nov 13, 2018 at 3:34 PM Aftab Siddiqui
wrote:
> Hi Binh,
> Thanks for sharing this. The most likely issue is NO prefix filtering at
> China Telecom end. Mainone (AS37282) leaked probably everything they
> learned from IXPN (Lagos IXP) Route Server to its direct peer AS4809 (China
>
Hi Binh,
Thanks for sharing this. The most likely issue is NO prefix filtering at
China Telecom end. Mainone (AS37282) leaked probably everything they
learned from IXPN (Lagos IXP) Route Server to its direct peer AS4809 (China
Telecom).
I have presented the status of BOGON announcements, Prefix
Dear AusNOG..
The latest News about route hijacked, again raises the concerns about
potential route hijacked, it can happen anytime to anyone..
https://www.itnews.com.au/news/route-leak-sends-google-cloud-traffic-to-russia-515489
how to prevent it?
looking at the prefix was hijacked...
whois