netsec-sig - [Security-WG] IPv4 Hijacking
Subject: Internet2 Network Security SIG
List archive
- From: David Farmer <>
- To: , ,
- Subject: [Security-WG] IPv4 Hijacking
- Date: Sat, 18 Jun 2016 19:02:08 -0500
Sorry for the cross-post, but this is an important issue.
http://www.theregister.co.uk/2016/06/16/ipv4_hijacking/
This is of particular importance to our community, we are one of the primary
targets of this fraud. Your best defense is to ensure you have accurate data
in the ARIN database, check it regularly, at least once or twice a year,
respond to ARIN's annual validation requests, and monitor all your address
space for routing hijacks with something like BGPmon ( http://www.bgpmon.net
). Actively used resources are less attractive targets, but if you have
lightly, unused, or unrouted blocks pay close attention to them, they are
easy targets and extra diligence is required.
Besides ARIN's database it would be good check the Internet Routing
Registries (IRRs) like RADb ( http://www.radb.net ) and ensure there is not
inaccurate data there, bogus data in the IRRs could be a sign of attempts at
hijacking address space.
--
===============================================
David Farmer Email:
Office of Information Technology
University of Minnesota
2218 University Ave SE Phone: +1-612-626-0815
Minneapolis, MN 55414-3029 Cell: +1-612-812-9952
===============================================
- [Security-WG] IPv4 Hijacking, David Farmer, 06/19/2016
Archive powered by MHonArc 2.6.16.