On Wed, Aug 7, 2013 at 2:13 AM, Martin T <m4rtntns@gmail.com> wrote:
Ok. And such attacks have happened in the past? For example one could do a pretty widespread damage for at least short period of time if it announces for example some of the root DNS server prefixes(as long prefixes as possible) to it's upstream provider and as upstream provider probably prefers client traffic over it's peerings or upstreams, it will prefer those routes by malicious ISP for all the traffic to root DNS servers?
Historically, most prefix hijacks have been accidental, generally due to configuration error -- for instance: http://www.renesys.com/2008/02/pakistan-hijacks-youtube-1/ Having said that, there are quite a few documented cases of it being done intentionally, and for nefarious purposes. - ferg -- "Fergie", a.k.a. Paul Ferguson fergdawgster(at)gmail.com