20 Sep
2022
20 Sep
'22
1:39 p.m.
Way overdue! In the last 4 weeks, I've had at least 20 diff conversations with FSI Network operators re: BGP hijacking, how to detect and in the future, mitigate with higher levels of success. Come on BGP RPKI/ROA adaption. I found the easiest way is via ISP pressure to implement dropping invalid routes.
to remind, ROV is a safety mechanism, not a security mechanism. it is proving, as intended, to mitigate mistakes. which is very cool. but it does not mitigate attacks of any sophistication. randy