24 May
2022
24 May
'22
3 p.m.
On 25 May 2022, at 5:45 am, Jakob Heitz (jheitz) via NANOG <nanog@nanog.org> wrote:
This attack will work very well until the victim starts advertising its prefix. The victim may not notice the fake advertisement because the fake advertisement will not reach the victim AS due to AS-path loop checking.
Often the best forms of attack are ones that are scoped in locality. Advertising the same prefix from a different location in BGP may create a localised preference to follow the synthesised route which is not visible everywhere. Sometimes this is exactly what the attacker wants to achieve. Geoff