[arin-ppml] BGP Hijacking Definition
Keith W. Hare
Keith at jcc.com
Mon May 6 13:28:58 EDT 2019
Thanks for the blog link.
As I've looked at BGP/route hijacking, it is clear (to me at least) that it is difficult to precisely and completely define what BGP/route hijacking is.
The steps described in the blog make a lot more sense to me than attempting to define and codify route hijacking in procedures.
From: ARIN-PPML [mailto:arin-ppml-bounces at arin.net] On Behalf Of John Curran
Sent: Monday, May 6, 2019 11:50 AM
To: arin-ppml at arin.net
Subject: Re: [arin-ppml] BGP Hijacking Definition
On May 6, 2019, at 9:26 AM, Keith W. Hare <Keith at jcc.com<mailto:Keith at jcc.com>> wrote:
...Owen Delong described two technical mechanisms used for BGP hijacking:
1. (Easiest and most common) Find a location in the internet where you can inject a route and have it propagate and exploit it.
2. (less common but does happen) Find address space issued to a defunct organization or an organization that does not appear to be actively using it and attempt to steal it from them through the RIR process by creating a new similar looking organization and then attempting to fraudulently "reclaim" the resources.
I think the ARIN policies & practice already handle mechanism 2, so I'm going to ignore that for the moment. ...
FYI - for those interested in our current practices with regard to handling reports of potential route hijacking, please see our recent blog post - https://teamarin.net/2019/05/06/how-does-arin-handle-reports-of-route-hijacking/
President and CEO
American Registry for Internet Numbers
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the ARIN-PPML