It is really important that ever organization grasp the risk from BGP Hijacking. The CIO, CISO, Security Professional, Network Engineers, and all others in the organization must understand that the BGP Hijacking Threat to their organization is Real. Miscreants have BGP hijacked critical resources away from the owning organization and caused damage. These BGP Hijacks have happened and will happen again. It will be a while before we have a massive deployment of BGPSEC and RPKI throughout all telecom and the world. So taking action now to minimize the risk is critical.
Where do we start our “BGP Hijack Knowledge Empowerment?” Fortunately, we have peers on the Internet who explain it for us.
First, look back at the BGP, RTBH, and other training videos from the early 2000s @ NANOG, APRICOT, and RIPE. The concept of moving traffic around the Internet is core to the Internet.
Second, watch NANOG 44 – Stealing the Internet by Anton Kapela, 5Nines Data Alex Pilosov, Pilsoft
Abstract: https://www.nanog.org/meetings/abstract?id=878
Slides: https://www.nanog.org/meetings/nanog44/presentations/Tuesday/Kapela_steal_internet_N44.pdf
Video: https://youtu.be/JmCyJtlMT18
Nick Feamster has a good YouTube explanation on the Kapala Attack on BGP that is worth watching.
This is a talk linking back to Anton’s reaction to the DEFCON 16 talk: Stealing The Internet – A Routed, Wide-area, Man in the Middle Attack
Slides: https://www.defcon.org/images/defcon-16/dc16-presentations/defcon-16-pilosov-kapela.pdf
Video & Slides: Stealing The Internet – A Routed, Wide-area, Man in the Middle
Third, listen to NANOG 45 – Hijacking and Tools by Joel Jaeggli and Andree Toonk
Abstract: https://www.nanog.org/meetings/abstract?id=1332
Slides: https://www.nanog.org/meetings/nanog45/presentations/Sunday/Jaeggli_hijacking_detection_N45.pdf
Click to access Toonk_bgpmon_N45.pdf
Forth, listen to the NANOG 46 – Hijacking Mitigation: Something is Better Than Nothing:
Abstract: https://www.nanog.org/meetings/abstract?id=1379
Video: https://youtu.be/zBBSOFafkuo
Slides https://www.nanog.org/meetings/nanog46/presentations/Monday/Daly_Prefix_Hijack_N46.pdf
Finally, please watch the NANOG 63 2015 talk from Andree Toonk – Recent BGP routing incidents – malicious or not
Abstract: https://www.nanog.org/meetings/abstract?id=2476
Slides: https://www.nanog.org/sites/default/files/monday_general_bgp_toonk_63.18.pdf
Video: https://www.youtube.com/watch?v=t7ilZxXFYYQ
Back to the main guide BGP Route Hijacks & Routing Mistakes – What can be done Today?
These BGP security materials are provided to help people around the Internet understand how do their part to deploy a more resilient BGP infrastructure. Seek out more information on www.senki.org.