Border Gateway Protocol/Operations
This article may be deleted soon. | ||
---|---|---|
Defense against infrastructure attackIn the public Internet, there are attacks both against enterprises that use BGP, typically for multihoming and traffic engineering, and against ISPs, for whom BGP is utterly essential. Unicast RPF (uRPF)Unicast reverse path forwarding is a widely used technique, an evolution of access control lists that were harder to maintain and imposed much higher router overhead.[1] Blackhole route injection into iBGPOnce a specific IP address or range of addresses is shown to be under attack, blackhole route injection is a way to quarantine the attack traffic. It will make the target unusual at the cost of making it unreachable. When the attack traffic is isolated, however, the operator can apply much more powerful diagnostics to circumvent it, and ideally trace it back to its source and defeat it there. In the public Internet, it will usually take cooperation among autonomous systems to defeat an attack. [2]
SinkholesNetwork intrusion analysisStatistical monitoring for attacksInternal router metrics from SNMP, external from NetView or equivalent References
|