Posts Tagged ‘BGP’

Deploy360@IETF91, Day 5: IDR (Securing BGP), IPv6 and heading on to ION Tokyo

Minions at IETF91

As the final day of IETF 91 opens there are only a few sessions left on the long IETF 91 agenda.  For us at Deploy360, our focus will mainly be on the Inter-Domain Routing (IDR) and IPv6 Maintenance (6MAN) meetings happening this morning.  Read on for more information… NOTE: If you are not in Honolulu but would like to Read more…

November 14th, 2014 by | Posted in IETF, IPv6, Securing BGP | Tags: , , , , , | No Comments

Deploy360@IETF91, Day 2: UTA, DPRIVE, BGP in ANRP, 6LO and IOT, DNSOP

IETF 91 mic line

For us at Deploy360, Day 2 of IETF 91 brings a heavy focus on DNSSEC and DNS security in general with both DNSOP and DPRIVE meeting. Today also brings one of the key working groups (UTA) related to our “TLS in Applications” topic area.  There is a key WG meeting related to using  IPv6 in “resource-constrained” environments such as the “Internet of Read more…

BGPmon: Using BGP Data To Fight Spam

BGPmon logo

Can we use BGP data to find email spammers? And could securing BGP provide a mechanism to help reduce spam? In a fascinating article on BGPmon’s site, Andree Toonk explores how they found that “IP squatting” is used by spammers.  Essentially the attack seems to work like this: The spammers identify a block of IP Read more…

September 18th, 2014 by | Posted in Securing BGP | Tags: , , , | No Comments

BGP Hijacker Steals Bitcoins

Securing BGP

Researchers at Dell’s Secureworks have uncovered multiple BGP incidents used to steal bitcoins. According to Secureworks, the attacker used a compromised administrator account at a yet undisclosed Canadian ISP. With this account they were able to then inject BGP routes which redirected traffic from machines mining Bitcoins to the attacker’s compromised host. Secureworks estimates that Read more…

August 8th, 2014 by | Posted in Routing, Securing BGP, TLS for Applications | Tags: , , | No Comments

Video: Selective Blackholing at RIPE 68

Securing BGP

Until such time as we succeed in preventing IP spoofing in the Internet, Distributed Denial of Service(DDOS) attacks are going to be a problem. Job Snijders, gave a presentation at RIPE 68 detailing some work he has been doing on implementing selective blackholing for operators under DDOS attacks. His selective blackholing configuration and associated scripting Read more…

July 28th, 2014 by | Posted in Anti-Spoofing, Routing, Securing BGP, Tools, Videos | Tags: | No Comments

Deploy360@IETF90, Day 5: HOMENET, SIDR, TRANS and GROW… and then we’re done!


You might think the final day of IETF 90 might be a bit quieter for us… but in fact the morning session from 9:00-11:30 EDT has three sessions happening simultaneously that are related to the work we do (HOMENET, SIDR and TRANS) – and in my personal case I want to be in two separate places Read more…

July 25th, 2014 by | Posted in DNSSEC, IETF, IPv6, Routing, Securing BGP | Tags: , , , , , , | No Comments



Today seems to be “DNS Day” here at IETF 90 in Toronto with the two major DNS-related working groups we follow here at Deploy360, DNSOP and DANE, both meeting on the same day.  We’ve also got V6OPS meeting again (as they did yesterday), have several IPv6-security drafts in OPSEC and have routing discussions happening in IDR. Read more…

July 22nd, 2014 by | Posted in DANE, DNSSEC, IETF, IPv6, Securing BGP, TLS for Applications | Tags: , , , , | 5 Comments

Video: BGP Blackholing Project (RIPE 68)

How can network operators cooperate to prevent abuse? How do we educate network operators to ensure they’re connecting their network in a secure way to the Internet? In this lightning talk from Lukasz Bromirski from Cisco, learn how operators in Poland are cooperating to prevent network abuse. Lukasz’s talk, entitled “BGP Blackholing Project” is now Read more…

July 11th, 2014 by | Posted in Securing BGP | Tags: , , | No Comments

Video: RPKI For Provider Independant Resources (RIPE 68)

How can provider independent(PI) address space be validated with the Resource Public Key Infrastructure (RPKI)? How can we get smaller organizations to deploy BGP RPKI? In this lightning talk from Alex Band of RIPE-NCC, learn how an organization with PI address space registered with RIPE-NCC can easily create and access RPKI resources. Previously this was Read more…

June 20th, 2014 by | Posted in Securing BGP | Tags: , , , , | No Comments

Video: Google DNS Hijacking in Turkey (RIPE 68)

Between March 29 and April 7 of 2014, the Turkish government announced a /32 BGP route for Google’s public DNS. This route redirected users to a DNS server which resolved popular addresses such as and to Turkish government websites. We previously wrote about this while it was happening. Now Stéphane Bortzmeyer’s talk, entitled Read more…

June 19th, 2014 by | Posted in Securing BGP | Tags: , , , , | No Comments