Recommendation: Grasp the risk from BGP Hijacking

It is really important that ever organization grasp the risk from BGP Hijacking. The CIO, CISO, Security Professional, Network Engineers, and all others in the organization must understand that the BGP Hijacking Threat to their organization is Real.  Miscreants have BGP hijacked critical resources away from the owning organization and caused damage. These BGP Hijacks

Recommendation: All prefixes will have one BGP Community

We have learned in the community that it is safer to have all prefixes with one BGP Community. That means a BGP community will be required for the route to get advertised to a peer. Granted, each prefix might have multiple BGP Communities, but the requirement that each must have at least one BGP community

Recommendation: Use Maximum Prefix Filters on all BGP Sessions

Maximum Prefix Filters are often overlooked in BGP configurations. Don’t overlook BGP Maximum Prefix Filters. They can save your network in a route table explosion crisis. Why? Exploding BGP tables is one of the huge risks to Internet stability. We have had and will have routers which de-aggregate, rapidly increasing the size of the BGP RIB

Tools for BGP Peering, Analysis, Troubleshooting & Monitoring

Tools to troubleshoot routing issues, monitor for BGP Hijacking, and alert when there are major routing issues are critical for any organization who connects to the Internet. This is a guide to help organizations pick tools that are useful.    BGP Stream by BGPMON BGP Stream is a free resource for receiving alerts about hijacks,

BGP Hijack Presentations, Talks, & Tutorials

Fortunately, we will have a huge library of BGP Hijacking presentations, talks, & tutorials. Many of these talk about the routing risk and how to mitigate the risk from human mistakes.  BGP Hijacking overview. Routing incidents prevention and defense mechanisms. (Updated) from NOCTION provides a good summary of all the materials list below from the various

BGP Hijacking Risks Research Papers and Projects

Research Papers and Projects Exploring BGP Hijacking & Routing Mistakes Risk The BGP Hijacking Risks profile attracts a wide academic interest. This interest attracts government and private research funding to explore new anti-BGP Hijacking tools, techniques, and resiliency approaches. This work is always worth reading, tracking, and exploring to see apply to real-world operations. Monitor,

What can Enterprises do to protect against BGP Hijacks?

Yes, you can minimize the risk to BGP Hijacks. All enterprises around the world need to have a conversation around BGP Hijacks. We see security news around malware, phishing ransomware, DOS attacks, breaches, and range of other attacks. What we do not see is conversations around BGP Hijacks. A BGP Hijack can happen on one Read More

7 Critical Security Conversations

The wave of supply chain security conversations that was sparked by the Bloomberg articles has people talking (see The Big Hack: How China Used a Tiny Chip to Infiltrate U.S. Companies and related articles). The increased interest in supply chain security is important. It is feasible for threat-actors sneak in a backdoor, exploitable code, or Read More

Master Class in Internet Networking …. Free

Nick Feamster Provides Operators, Engineers, and Students with the Tools to Understand How the Internet is Glued Together Who is Nick Feamster? Dr. Nick Feamster is known in the Internet Operations community as one of our primary source of great talent, research that pushes the Industry forward, a deep-dive investigation into security issues on the Read More

FlowSpec – Using BGP for Rapid DOS Response

Using BGP FlowSpec to Push an ACL to the Edge of the Network, to Stop a DOS Attacks, and Build a DOS Response Architecture Version (0.7) FlowSpec provides large networks with an ability to push a layer 4 ACL rapidly to the edge of the network using the Network Layer Reachability Information (NRLI) expansion of