Overview
Watch a 21-minute NANOG conference talk examining the effectiveness of routing defenses by analyzing 712 prefixes from Spamhaus' Don't Route Or Peer (DROP) list between June 2019 and March 2022. Learn how attackers circumvent multiple defense mechanisms, including creating fraudulent Internet Routing Registry records and announcing routes with spoofed origin ASes. Discover insights about the exploitation of unrouted address space vulnerabilities and understand why Regional Internet Registries should reconsider RPKI eligibility restrictions and AS0 policies. Speaker Gautam Akiwate presents detailed findings that highlight the ongoing challenges in securing internet routing infrastructure.
Syllabus
Stop, DROP, and ROA: Effectiveness of Routing Defenses through the lens of DROP
Taught by
NANOG