Re: community real-time BGP hijack notification service
12 Sep
2008
12 Sep
'08
11 a.m.
Nathan wrote:
My best quick hack solution so far is to fire off a traceroute and make sure that the traceroute gets ICMP TTL expire messages from IP addresses that are in prefixes originated from all the ASes in the ASPATH. Still forgeable, but a bit more difficult.. still far from perfect though.
An interesting idea although I think the false positive rate would be very high with all of the filtering (and mismatch between traceroute and BGP topologies) that exists out there. It'd be interesting for someone to try and see how well it works though. (Any researchers hanging out on NANOG want to try a weekend project...)
Nathan Ward
Avi
5947
Age (days ago)
5947
Last active (days ago)
0 comments
1 participants
participants (1)
-
Avi Freedman