[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Securing the BGP or controlling it?

Subject: Securing the BGP or controlling it?
From: vbono at 2nplus1.com (Vincent J.. Bono)
Date: Mon, 10 May 2010 16:02:03 -0400 (EDT)
In-reply-to: <[email protected]>

> this is a matter of risk analysis.  No secure routing means we'll continue
> to see the occasional high profile outage which is dealt with very quickly.

Speaking from painful experience all kinds of variable can ensure that even when a problem is identified quickly and action taken expeditiously outages can and do take much longer than "very quickly" to correct.

Also, while (IMHO) the much higher level of private interconnects / peering links in use today vs. 1997 makes willful route hijacking more difficult, building better security directly into the protocol is certainly in order.  A good parallel is the SS7 network that runs "routing" for traditional voice signaling: it's "secured" by using a completely separate, out of band TDM network (DS1s and DS0s) but its also an "in the clear" protocol and could be subject to willful vandalism.

Follow-Ups:
- Securing the BGP or controlling it?
  - From: jmamodio at gmail.com (Jorge Amodio)

Prev by Date: Securing the BGP or controlling it?
Next by Date: Securing the BGP or controlling it?
Previous by thread: Securing the BGP or controlling it?
Next by thread: Securing the BGP or controlling it?
Index(es):
- Date
- Thread