netsec-sig - Re: [Security-WG] February update
Subject: Internet2 Network Security SIG
List archive
- From: Adair Thaxton <>
- To: "" <>
- Subject: Re: [Security-WG] February update
- Date: Tue, 5 Feb 2019 21:04:56 +0000
There have been a few messages on the netgurus list (which I missed, sadly -
hadn't subscribed with my Internet2 email), but everyone else seems similarly
frustrated with seeking out options. Haven't found any easy answers yet.
We at Internet2 have been trialing a product from CAIDA called Artemis in
conjunction with BGPMon, using BGPMon to validate Artemis's views of hijacks.
The CAIDA team has done a lot of work and been fantastic at taking feature
requests.
Adair
On 2/5/19, 3:50 PM, " on behalf of Dale W.
Carder" < on behalf of >
wrote:
Thus spake Adair Thaxton () on Tue, Feb 05, 2019 at
06:41:08PM +0000:
> Happy February! You have nine days to make dinner reservations and get
your person a gift, if you're into that sort of thing.
>
> BGPMon has announced an End-of-Life date of March 20, 2020. Many of
our members have reported using this service. It is supposed to be being
replaced by Cisco Crosswork. More information is here:
https://bgpmon.net/wp-content/uploads/2019/01/BGPMon.net-EOL-EOS-faq.pdf
Has anyone played with Ciada's bgpstream? I got bored during lunch
and made an example. I'd be curious if anyone else wants to give it a
shot with their data.
Dale
#!/usr/bin/env python
import time
import pytricia
from _pybgpstream import BGPStream, BGPRecord, BGPElem
esnet_v6 = pytricia.PyTricia(128)
# format {'prefix' = 'orgin_asn'}
esnet_v6['2001:400::/32'] = '293'
stream = BGPStream()
rec = BGPRecord()
stream.add_filter('record-type', 'updates')
stream.add_interval_filter(int(time.time()),0)
stream.set_live_mode()
stream.start()
while(stream.get_next_record(rec)):
if rec.status == 'valid':
elem = rec.get_next_elem()
while(elem):
if 'as-path' in elem.fields:
path = elem.fields['as-path'].split()
prefix = elem.fields['prefix']
if prefix in esnet_v6 and esnet_v6[prefix] != path[-1]:
print('prefix:', elem.fields['prefix'], 'AS-PATH:',
elem.fields['as-path'], 'Project:', rec.project, 'collector:', rec.collector,
'type:', rec.type, 'time:', rec.time, 'status:', rec.status, 'Type:',
elem.type, 'Peer:', elem.peer_address, 'AS', elem.peer_asn)
elem = rec.get_next_elem()
- [Security-WG] February update, Adair Thaxton, 02/05/2019
- Re: [Security-WG] February update, Dale W. Carder, 02/05/2019
- Re: [Security-WG] February update, David Farmer, 02/05/2019
- Re: [Security-WG] February update, Dale W. Carder, 02/07/2019
- Re: [Security-WG] February update, Adair Thaxton, 02/05/2019
- Re: [Security-WG] February update, Brad Fleming, 02/05/2019
- Re: [Security-WG] February update, David Farmer, 02/05/2019
- Re: [Security-WG] February update, David Farmer, 02/05/2019
- Message not available
- Re: [Security-WG] February update, John Kristoff, 02/05/2019
- Re: [Security-WG] February update, Choi, Cindy, 02/05/2019
- Re: [Security-WG] February update, John Kristoff, 02/05/2019
- Re: [Security-WG] February update, Dale W. Carder, 02/05/2019
Archive powered by MHonArc 2.6.19.