I have been a huge fan of Hurricane Electric (he.net) for over ten years and have done a lot of evangelizing ... rsync.net uses he.net pops all over the world (except for Zurich, where we use init7...).
They have been very progressive, clueful and efficient in all of our dealings with them.
So I am surprised to see them marked unsafe. I have emailed my point of contact there and asked for some explanation - perhaps I can update this comment in a bit ...
A startup company that several of my friends worked at many years ago had boxes that continuously monitored routing and would flag and delay BGP updates that caused a significant topological change. They could be added manually immediately, or would be implemented with a delay after they had enough data that the route was legitimate.
My ISP had one of these boxes and was quite proud of it. It worked really well against BGP idiocy. It might not have worked against a concerted attack, but it did stop several of the "Ooops. All the routes are belong to us." problems that seem to be the "normal" BGP "attacks".
I am surprised that these big players don't already have something that does something similar.
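An added illustration of the flag-and-delay idea described in the comment above. This is not code from any commenter, ISP or product; it is a constructed Python sketch of such a box: an update that changes the topology we already believe (a different origin for a prefix we carry, or a more-specific of one from a different origin) is held until it has persisted for a configurable window or an operator allow-lists it, while genuinely new prefixes with no covering route are accepted at once so they are not blackholed. The prefixes, AS numbers (private-use range) and the feed are made up.

```python
"""Quarantine-style BGP update filter (constructed example, not any vendor's code)."""
from dataclasses import dataclass
import ipaddress


@dataclass
class Update:
    t: int                  # seconds since the start of the sample feed
    prefix: str
    origin_as: int
    withdraw: bool = False


class UpdateQuarantine:
    def __init__(self, hold_seconds=3600, manual_allow=()):
        self.hold = hold_seconds
        self.rib = {}                          # prefix -> accepted origin AS
        self.pending = {}                      # prefix -> (origin AS, first seen)
        self.manual_allow = set(manual_allow)  # (prefix, origin AS) pairs an operator pre-approved

    def _topology_change(self, prefix, origin_as):
        """Reason string if the update contradicts what we already carry, else None."""
        if prefix in self.rib and self.rib[prefix] != origin_as:
            return f"origin change AS{self.rib[prefix]} -> AS{origin_as}"
        net = ipaddress.ip_network(prefix)
        for known, known_as in self.rib.items():
            knet = ipaddress.ip_network(known)
            if (knet.version == net.version and net != knet
                    and net.subnet_of(knet) and known_as != origin_as):
                return f"more-specific of {known} (AS{known_as}) from AS{origin_as}"
        return None

    def process(self, u):
        """Apply one update and return the verdict (for logging)."""
        if u.withdraw:
            # Simplification: a withdrawal clears both the accepted and the held state.
            self.rib.pop(u.prefix, None)
            self.pending.pop(u.prefix, None)
            return "withdrawn"
        reason = self._topology_change(u.prefix, u.origin_as)
        if reason is None:
            self.rib[u.prefix] = u.origin_as   # nothing contradicted: install immediately
            return "accepted"
        if (u.prefix, u.origin_as) in self.manual_allow:
            self.rib[u.prefix] = u.origin_as
            self.pending.pop(u.prefix, None)
            return f"accepted (operator allow-listed; {reason})"
        first = self.pending.get(u.prefix)
        if first is None or first[0] != u.origin_as:
            self.pending[u.prefix] = (u.origin_as, u.t)   # start (or restart) the clock
            return f"held ({reason})"
        if u.t - first[1] >= self.hold:
            self.rib[u.prefix] = u.origin_as   # persisted long enough: treat as legitimate
            del self.pending[u.prefix]
            return f"accepted after {self.hold}s hold ({reason})"
        return f"held ({reason}, {u.t - first[1]}s so far)"


# Constructed feed: a short-lived "oops" hijack of a /24 and a more-specific, one
# pre-approved more-specific, and the /24 origin change still present an hour later.
SAMPLE_FEED = [
    Update(0,    "203.0.113.0/24",   64500),
    Update(10,   "203.0.113.0/24",   64666),                  # sudden origin change
    Update(20,   "203.0.113.0/25",   64666),                  # more-specific from same suspect
    Update(30,   "203.0.113.128/25", 64501),                  # more-specific, operator pre-approved
    Update(40,   "203.0.113.0/25",   64666, withdraw=True),   # reverted before the hold expired
    Update(3700, "203.0.113.0/24",   64666),                  # still announced after the hold
]


def run_sample():
    q = UpdateQuarantine(hold_seconds=3600,
                         manual_allow={("203.0.113.128/25", 64501)})
    verdicts = [(u.prefix, u.origin_as, q.process(u)) for u in SAMPLE_FEED]
    return verdicts, q.rib


if __name__ == "__main__":
    for prefix, asn, verdict in run_sample()[0]:
        print(f"{prefix:18} AS{asn}: {verdict}")
```

The trade-off the thread raises is visible in the feed: the quick, reverted /25 never makes it into the RIB, but the /24 origin change is installed once it has outlived the hold window, so the box buys time rather than certainty.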
Of course they do have such equipment, which makes you wonder how sophisticated the attacks are and how flimsy the security is. It’s obvious that this equipment exists. How else would the equipment in the same or likely next room over [0] know the state of packets that need further routing adjustments?
Maybe the relevant parties didn’t get the message because the call was coming from inside the building. [1]
The internet community (i.e. routing guys/Nanog/ietf etc) is fairly open. I’ve not heard much of such approaches being used. It is a very interesting idea.... I guess you gotta weigh delaying inserting an update against potentially blackholing a destination until you do.
For a quick dragnet to get an IP in a sea of noise, it would work. In any case, you just have someone else do it, accidentally of course. The more accidental and wide-reaching and quickly reverted the outage is, the more plausibly deniable it is.
I agree that this approach isn’t really suitable for much else because it’s much too overt and likely to notify the target. Modern engagements use BGP hijacks as a critical tool with a lot of capabilities but also extreme visibility and publicity. So it’s not good for most jobs as other better suited tools for those jobs already exist. [0] [1]
Hurricane Electric doesn't implement RPKI Origin Validation as most people understand it. They try to do some route filtering that is RPKI like, but it's not the same.
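For readers unfamiliar with what "RPKI Origin Validation as most people understand it" means, here is an added Python illustration of the RFC 6811 validation rule (not code from any commenter, from Hurricane Electric, or from any RPKI implementation, and it says nothing about what HE actually filters). An announcement is "valid" when some ROA covers the announced prefix, names the announced origin AS, and has a maxLength at least as long as the announced prefix; "invalid" when ROAs cover the prefix but none matches; "notfound" when no ROA covers it. The ROAs and announcements are constructed.

```python
"""RFC 6811-style Route Origin Validation (constructed example)."""
from dataclasses import dataclass
import ipaddress


@dataclass(frozen=True)
class ROA:
    prefix: str
    max_length: int
    asn: int          # AS 0 means "nobody may originate this", per RFC 7607


def validate_origin(announced_prefix, origin_as, roas):
    """Return 'valid', 'invalid' or 'notfound' for one (prefix, origin AS) pair."""
    net = ipaddress.ip_network(announced_prefix)
    covered = False
    for roa in roas:
        rnet = ipaddress.ip_network(roa.prefix)
        if rnet.version != net.version:
            continue
        # A ROA covers the announcement if its prefix equals or contains it.
        if net == rnet or net.subnet_of(rnet):
            covered = True
            # Match requires the same origin AS and a length within maxLength;
            # an AS 0 ROA can never match a real origin, so it only ever invalidates.
            if roa.asn == origin_as and net.prefixlen <= roa.max_length:
                return "valid"
    return "invalid" if covered else "notfound"


def validate_feed(announcements, roas, drop_invalid=True):
    """Classify a list of (prefix, origin AS) and say which ones a typical policy
    keeps: drop 'invalid', accept 'valid' and (usually) 'notfound'."""
    results = []
    for prefix, asn in announcements:
        state = validate_origin(prefix, asn, roas)
        keep = not (drop_invalid and state == "invalid")
        results.append((prefix, asn, state, keep))
    return results


# Constructed ROAs: the /24 may only be announced as a /24 by AS64500, the second
# /24 may be split into /25s by AS64501, and the third is reserved with AS 0.
SAMPLE_ROAS = [
    ROA("203.0.113.0/24", 24, 64500),
    ROA("198.51.100.0/24", 25, 64501),
    ROA("192.0.2.0/24", 24, 0),
]

SAMPLE_ANNOUNCEMENTS = [
    ("203.0.113.0/24", 64500),    # legitimate
    ("203.0.113.0/25", 64500),    # right AS, but exceeds maxLength
    ("203.0.113.0/24", 64666),    # wrong origin: classic hijack
    ("198.51.100.128/25", 64501), # allowed more-specific
    ("198.51.100.0/26", 64501),   # too specific
    ("192.0.2.0/24", 64500),      # AS 0 ROA: nobody may originate
    ("10.0.0.0/8", 64500),        # no ROA at all
]


if __name__ == "__main__":
    for prefix, asn, state, keep in validate_feed(SAMPLE_ANNOUNCEMENTS, SAMPLE_ROAS):
        print(f"{prefix:18} AS{asn}: {state:8} {'keep' if keep else 'drop'}")
```

The maxLength cases are the ones worth noting: a more-specific announced by the legitimate holder is still "invalid" if the ROA's maxLength does not permit it, which is exactly what blocks the more-specific hijacks discussed above, and "notfound" routes pass in nearly every deployed policy, so a prefix with no ROA gets no protection at all.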