[routing-wg] /24 prefix "hijackability" metric (defining "better than avg AS")
- Previous message (by thread): [routing-wg] /24 prefix "hijackability" metric (defining "better than avg AS")
- Next message (by thread): [routing-wg] New on RIPE Labs: Upstream Visibility - Monitor the Visibility of your Prefix
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
nusenu
nusenu-lists at riseup.net
Tue Sep 25 22:31:00 CEST 2018
Job Snijders wrote: > On Tue, Aug 14, 2018 at 07:58:00PM +0000, nusenu wrote: >> I'm currently estimating how "vulnerable" certain IP addresses are to >> BGP hijacking. >> >> To do that, I put them into different categories (multiple can apply): >> >> a) RPKI validity state is "NotFound" (no ROA) and IP located in a prefix shorter than /24 (IPv4) or /48 (IPv6) >> b) Valid ROA but weak maxlength >> c) Valid ROA with proper maxlength >> d) is announced in a /24 prefix (IPv4) or /48 (IPv6) >> e) = (c) + (d) > > Interesting approach! This is the first time I've seen someone phrase it > this formally, but you are correct I think. thanks for the feedback, I'm glad it made some sense. context: I wrote that email while putting together this post: https://medium.com/@nusenu/how-vulnerable-is-the-tor-network-to-bgp-hijacking-attacks-56d3b2ebfd92 (specifically the "what properties do we consider?" section) In the end I went ahead with "Approach 2" and used the following definition: 'we consider all ASes with an AS rank <= 10000 to be “better connected than the attacking AS”' which split the /24 prefixes I looked at in about half (10 vs. 9 as seen in Figure 3). kind regards, nusenu -- https://twitter.com/nusenu_ https://mastodon.social/@nusenu -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 833 bytes Desc: OpenPGP digital signature URL: <https://lists.ripe.net/ripe/mail/archives/routing-wg/attachments/20180925/5743d1ff/attachment.sig>
- Previous message (by thread): [routing-wg] /24 prefix "hijackability" metric (defining "better than avg AS")
- Next message (by thread): [routing-wg] New on RIPE Labs: Upstream Visibility - Monitor the Visibility of your Prefix
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]