How do you get 29 organizations to collaborate to disrupt multiple threat actors’ operational infrastructure? (see the list below) What is not stated is that this group is the known TLP: RED group. There is a larger TLP: AMBER community of supporting individuals and organizations. These groups all exist and will continue to put pressure Read More
Tag: BGP Security
“Blame the Vendor” Distractions
Beware of “blame the vendor” distractions. https://bsky.app/profile/rgblights.bsky.social/post/3ltshf3lvc22e Rob Joyce posted this on his BlueSky account as a response to Alexander Martin’s article, “Spain awards Huawei contracts to manage intelligence agency wiretaps.” Both Rob and Alex are exasperating “blame the vendor” fears when the real problem is more systemic, with nothing to do with which world Read More
Protecting BGP Sessions – Step-by-Step Guide to Prevent an Easy DDoS
Organizations are not protecting their BGP session. Take the time to ask the question …. Do we have our BGP ports protected? Are you: If not, work with your peers to deploy an Infrastructure ACL (iACL) to cover all your network devices, deploy specific data plane ACLs on your routers/switches to protect them, work with
BGP Security Workshop – Safeguarding the Internet’s Glue
BGP and DNS are the two critical protocols that glue the entire global network (the Internet). Without them, the Internet falls apart. The security, resiliency, and integrity Border Gateway Protocol (BGP) holds up the routing of packets end-to-end across the Internet. Threats to BGP systems are life-threatening, disrupting critical infrastructure people depend on for their
Conference Talks, Workshops, and Webinars
Barry frequently presents at conference talks, workshops, and webinars. Barry enjoys working with peers to share, empower, and entertain with live interactive sessions. Forty years of public speaking experience is reflected in the talks below. Crafted conference talks tuned to the organizer’s audience. The general theme for all the talks is to help people understand,
Recommendation: BGP Ingress & Egress Filtering BCPs
The core BGP Security recommendation is for all BGP Ingress & Egress Filtering to follow BCPs. These BGP Best Common Practices (BCPs) are not confidential. Your peers would be open to share what they do and help you deploy better policies. It is recommended that you inspect your network’s practices and procedures. Review the BCP
Principle: BGP Hijacking Risk Reduction is a Layered Solution
Reducing the BGP Hijacking risk reduction is a layered solution. Organizations cannot jump into RPKI BGP Security if they have not established the basics for BGP Security. It must be remembered that projecting against BGP Hijacks is not a “one tool” approach. All the BGP Security techniques work together. Organizations should view this as
Recommendation: Use Internet Route Registries (IRR)
Use Internet Route Registries (IRR) to register all BGP sessions to your ASN, require all your peers to use the same IRRs, and then script the configurations to update the ingress/egress prefix filtering. It does not make any sense to have all the BGP sessions undocumented. Internet Route Registries (IRRs) and tools like PeeringDB document how
Recommendation: Deploy Peerlock
Operators deploying Peerlock mitigate many route leak and BGP Hijacking risks. Peer-Lock is an optimized AS-Path Filtering technique. The foundation is not new. We have been using AS Path Filtering for decades. The new approach uses the AS-Path filter and a written peering agreement. Job Snijders pioneered and championed Peerlock while @ NTT (see NTT Peer
Recommendation: Grasp the risk from BGP Hijacking
It is really important that ever organization grasp the risk from BGP Hijacking. The CIO, CISO, Security Professional, Network Engineers, and all others in the organization must understand that the BGP Hijacking Threat to their organization is Real. Miscreants have BGP hijacked critical resources away from the owning organization and caused damage. These BGP Hijacks