Slashdot Mirror


BGP Hijacking Continues, Despite the Ability To Prevent It

An anonymous reader writes: BGPMon reports on a recent route hijacking event by Syria. These events continue, despite the ability to detect and prevent improper route origination: Resource Public Key Infrastructure. RPKI is technology that allows an operator to validate the proper relationship between an IP prefix and an Autonomous System. That is, assuming you can collect the certificates. ARIN requires operators accept something called the Relying Party Agreement. But the provider community seems unhappy with the agreement, and is choosing not to implement it, just to avoid the RPA, leaving the Internet as a whole less secure.

9 of 57 comments

  1. BGP? by danceswithtrees · · Score: 3, Informative

    What if we agree to spell out obscure acronyms the first time? Yes, I can google/bing it to find likely candidates, but what if you make life easier for all involved and actually use Border Gateway Protocol (BGP)? Mmmmkay?

    1. Re: BGP? by Anonymous Coward · · Score: 3, Funny

      this is a site for nerds...or at least used to be until your lazy ass showed up

    2. Re:BGP? by nblender · · Score: 4, Insightful

      I guess I disagree. I don't want to have to see "Transmission Control Protocol / Internet Protocol" the first time in every article that mentions TCP/IP... I'm surprised you also didn't mention that "ARIN" wasn't expanded, or "IP"... Probably because you know what those mean. I've been in this industry for dozens of years and there are abbreviations that come up all the time that I don't know but I just google them... It's not a big deal.

    3. Re:BGP? by David_Hart · · Score: 5, Insightful

      I don't think BGP is simple enough for a non-nerd...

      Since when did "nerd" only cover people who understand BGP? I don't remember that on the entrance exam...

      Heaven forbid anyone should be allowed to come away from reading a story on Slashdot more informed. Can't be having that!

      A simple, painless expansion of an acronym would at least give every reader a fighting chance at a rough guess of what it does, or at least what it relates to.

      Um... given that BGP is THE core routing protocol for the Internet... Yeah... you should at least know what it is at a basic level. It fits into the same category as DNS, HTML, ISP, etc.

      It's a lot like the programmers talking on here about the Waterfall model. It's expected that if you don't know something that you will take 5 seconds to look it up. Just maybe you'll learn something new... oh horrors... (grin)

      For those who still don't know, BGP stands for Border Gateway Protocol. At a very basic level, it's a routing protocol used to advertise routes between ISPs and other Internet connected organizations. It's these routes that we use to get to Netflix, for example.

    4. Re: BGP? by dbIII · · Score: 3, Funny

      Do you know what a LASCR is

      An Indian sailor.

      and how and why you might use it to slave a photoflash

      Slavery is wrong.

  2. More importantly by Anonymous Coward · · Score: 4, Interesting

    Why do we continue to allow peers that have proven to be problematic in the BGP backbone? simply do not share routes with these ASs any more and fuck their shit hole countries until they stop dicking with the core of the internet.

    it's not like any old admin can be like "Ok I'm going to broadcast bad routes that will be observed and respected by all the core routers of the internet"

    no, these people have special agreements with the neighbours they route with, it's not like BGP packets just fly around the internet from some random workstation belonging to a hacker and magically find their way onto the private vlans the cores use for bgp traffic.

    even if it wasn't technically preventable it should simply be resolved by refusing peering after an incident.

  3. Re:Required -- Except When It Isn't by suutar · · Score: 3, Informative

    It's required if you want to use ARIN's data. Those who choose not to agree are simply not using that data, with the consequence that they are less effective at validating route origin identity.
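The origin check that RPKI data makes possible, and the consequence of leaving ARIN's data out that the comment above describes, as an added example that is not part of the original thread. It follows the route origin validation states of RFC 6811; the prefixes, AS numbers and trust-anchor labels are constructed sample data (documentation ranges), and the function names are hypothetical.

```python
import ipaddress
from typing import Iterable, NamedTuple


class VRP(NamedTuple):
    """Validated ROA payload: who may originate a prefix, and how specific."""
    prefix: str
    max_length: int
    asn: int
    trust_anchor: str  # label for the RIR repository the ROA came from


# Constructed sample data, not real ROAs.
VRPS = [
    VRP("192.0.2.0/24", 24, 64496, "arin"),
    VRP("198.51.100.0/24", 24, 64497, "ripe"),
]


def validate_origin(route_prefix: str, origin_asn: int, vrps: Iterable[VRP]) -> str:
    """Return 'valid', 'invalid' or 'not-found' for a BGP announcement."""
    route = ipaddress.ip_network(route_prefix)
    covered = False
    for vrp in vrps:
        roa_net = ipaddress.ip_network(vrp.prefix)
        # A VRP is relevant only if its prefix covers the announced prefix.
        if route.version != roa_net.version or not route.subnet_of(roa_net):
            continue
        covered = True
        # AS 0 never matches; the announcement must not exceed maxLength.
        if vrp.asn != 0 and vrp.asn == origin_asn and route.prefixlen <= vrp.max_length:
            return "valid"
    # Covered but unmatched means someone else holds the prefix: reject.
    return "invalid" if covered else "not-found"


def without_trust_anchor(vrps: Iterable[VRP], name: str) -> list:
    """Model an operator who does not fetch one RIR's repository."""
    return [v for v in vrps if v.trust_anchor != name]


if __name__ == "__main__":
    hijack = ("192.0.2.0/24", 64511)  # wrong origin AS for an ARIN-region prefix
    print("all trust anchors:", validate_origin(*hijack, VRPS))
    print("ARIN data skipped:", validate_origin(*hijack, without_trust_anchor(VRPS, "arin")))
```

With ARIN's ROAs loaded the bogus origin is `invalid` and can be dropped by policy; without them the same announcement is only `not-found`, which routers normally accept.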

  4. Shoplifting occurs despite the ability to prevent by mysidia · · Score: 3, Informative

    These events continue, despite the ability to detect and prevent improper route origination

    Locked cases with hardened glass are a technology that allows a store to protect products for sale from surreptitious pilfering. That is, assuming you can fit the products in the case. Lock manufacturers for the cases require stores to accept something called a "key security agreement", but the shop owner community seems unhappy with the inconvenience posed to customers, and is choosing not to implement it, just to avoid the KSA, leaving the goods on store shelves worldwide as a whole less secure.

  5. Prefix This by TheRealHocusLocus · · Score: 5, Funny

    Just flipped down the thread:

    AAAAASSSS????ASSSA?FFbFbb??bBM

    Key:
    A = messages complaining about use of acronym, explaining it
    S = messages questioning relevance of BGP to 'Nerd', answers
    ? = WTF responses (Fry, Bennet)
    F = political views (fuck ARIN, fuck legalese, fuck de Man)
    b = relevant but misinformed (filtering not quicky-solve, RPKI not Kill Switch)
    B = relevant, thoughtful response to a 'b'
    M = this, meta message about thread.

    If the rest of the Internet was like this, no actual routes would ever be advertised.

    My life is light, waiting for the death wind,
    Like a feather on the back of my hand.
    Dust in sunlight and memory in corners
    Wait for the wind that chills towards the dead land.

    ~T.S. Eliot

    --
    <blink>down the rabbit hole</blink>