Successfully reported this slideshow.

Misused top ASNs

1

Share

Nov. 16, 2015
1 like 670 views
Upcoming SlideShare
Routing diff
Routing diff
Loading in …3
×
1 of 17
1 of 17

Misused top ASNs

Nov. 16, 2015
1 like 670 views

1

Share

Download to read offline

Internet

Misused top ASNs

Misused top ASNs

Internet

Recommended

More Related Content

More from Bangladesh Network Operators Group

Having Honeypot for Better Network Security Analysis
Bangladesh Network Operators Group
MANRS for Network Operators - bdNOG12
Bangladesh Network Operators Group
Hands-on DNSSEC Deployment
Bangladesh Network Operators Group
Challenges for BdREN in COVID Environment
Bangladesh Network Operators Group
Lifting the Lid on Lawful Intercept
Bangladesh Network Operators Group
BGPalerter: BGP prefix monitoring
Bangladesh Network Operators Group
Learning from failures
Bangladesh Network Operators Group
RPKI invalids aren't gone yet
Bangladesh Network Operators Group
Log analysis with elastic stack
Bangladesh Network Operators Group
IPv6 Deployment Update
Bangladesh Network Operators Group
SEGMENT Routing
Bangladesh Network Operators Group
Is Internet getting old !!
Bangladesh Network Operators Group
pps Matters
Bangladesh Network Operators Group
A study of our DNS full-resolvers
Bangladesh Network Operators Group
Automating Network Infrastructure : Ansible
Bangladesh Network Operators Group
Supply Chain Attack Backdooring Your Networks
Bangladesh Network Operators Group
Route Origin Validation With Routinator - A MANRS Approach for Operators
Bangladesh Network Operators Group
The impact of an RPKI validator in Bangladesh and Lessons Learned
Bangladesh Network Operators Group
Dipping to MNP DB
Bangladesh Network Operators Group
Protection and Visibitlity of Encrypted Traffic by F5
Bangladesh Network Operators Group

Featured

What to Upload to SlideShare
SlideShare
Be A Great Product Leader (Amplify, Oct 2019)
Adam Nash
Trillion Dollar Coach Book (Bill Campbell)
Eric Schmidt
APIdays Paris 2019 - Innovation @ scale, APIs as Digital Factories' New Machi...
apidays
A few thoughts on work life-balance
Wim Vanderbauwhede
Is vc still a thing final
Mark Suster
The GaryVee Content Model
Gary Vaynerchuk
Mammalian Brain Chemistry Explains Everything
Loretta Breuning, PhD
Blockchain + AI + Crypto Economics Are We Creating a Code Tsunami?
Dinis Guarda
The AI Rush
Jean-Baptiste Dumont
AI and Machine Learning Demystified by Carol Smith at Midwest UX 2017
Carol Smith
10 facts about jobs in the future
Pew Research Center's Internet & American Life Project
Harry Surden - Artificial Intelligence and Law Overview
Harry Surden
Inside Google's Numbers in 2017
Rand Fishkin
Pinot: Realtime Distributed OLAP datastore
Kishore Gopalakrishna
How to Become a Thought Leader in Your Niche
Leslie Samuel
Visual Design with Data
Seth Familian
Designing Teams for Emerging Challenges
Aaron Irizarry
UX, ethnography and possibilities: for Libraries, Museums and Archives
Ned Potter
Winners and Losers - All the (Russian) President's Men
Ian Bremmer

Related Books

Free with a 14 day trial from Scribd

See all
In the Plex: How Google Thinks, Works, and Shapes Our Lives Steven Levy
(4.5/5)
Free
Hamlet's BlackBerry: A Practical Philosophy for Building a Good Life in the Digital Age William Powers
(4/5)
Free
The Impulse Economy: Understanding Mobile Shoppers and What Makes Them Buy Gary Schwartz
(4.5/5)
Free
Emergence: The Connected Lives of Ants, Brains, Cities, and Software Steven Johnson
(4.5/5)
Free
Tubes: A Journey to the Center of the Internet Andrew Blum
(4/5)
Free
World Wide Mind: The Coming Integration of Humanity, Machines, and the Internet Michael Chorost
(4/5)
Free
An Army of Davids: How Markets and Technology Empower Ordinary People to Beat Big Media, Big Government, and Other Goliaths Glenn Reynolds
(4/5)
Free
The End of Business As Usual: Rewire the Way You Work to Succeed in the Consumer Revolution Brian Solis
(5/5)
Free
Blog Schmog: The Truth About What Blogs Can (and Can't) Do for Your Business Robert W. Bly
(4/5)
Free
The Thank You Economy Gary Vaynerchuk
(4/5)
Free
Talking Back to Facebook: The Common Sense Guide to Raising Kids in the Digital Age James P. Steyer
(4.5/5)
Free
The Nature of the Future: Dispatches from the Socialstructed World Marina Gorbis
(4/5)
Free
Public Parts: How Sharing in the Digital Age Improves the Way We Work and Live Jeff Jarvis
(3.5/5)
Free
Socialnomics: How Social Media Transforms the Way We Live and Do Business Erik Qualman
(4/5)
Free
Paper Prototyping: The Fast and Easy Way to Design and Refine User Interfaces Carolyn Snyder
(3/5)
Free
The Internet Trap: How the Digital Economy Builds Monopolies and Undermines Democracy Matthew Hindman
(0/5)
Free

Related Audiobooks

Free with a 14 day trial from Scribd

See all
Cyberwar: How Russian Hackers and Trolls Helped Elect a President—What We Don't, Can't, and Do Know Kathleen Hall Jamieson
(3/5)
Free
Hacker, Hoaxer, Whistleblower, Spy: The Many Faces of Anonymous Gabriella Coleman
(4/5)
Free
Internet Riches: The Simple Money-Making Secrets of Online Millionaires Scott Fox
(4/5)
Free
Exploding Data: Reclaiming Our Cyber Security in the Digital Age Michael Chertoff
(4.5/5)
Free
Blockchain Revolution: How the Technology Behind Bitcoin Is Changing Money, Business, and the World Don Tapscott
(4/5)
Free
The Secret Life: Three True Stories of the Digital Age Andrew O'Hagan
(4/5)
Free
Ten Arguments for Deleting Your Social Media Accounts Right Now Jaron Lanier
(4/5)
Free
Platform: Get Noticed in a Noisy World Michael Hyatt
(4.5/5)
Free
So You Want to Start a Podcast: Finding Your Voice, Telling Your Story, and Building a Community that Will Listen Findaway
(4.5/5)
Free
Stop Checking Your Likes: Shake Off the Need for Approval and Live an Incredible Life Susie Moore
(4/5)
Free
This Machine Kills Secrets: How Wikileakers, Cypherpunks, and Hacktivists Aim to Free the World's Information Andy Greenberg
(4/5)
Free
The Dark Net: Inside the Digital Underworld Jamie Bartlett
(4/5)
Free
Cryptography: The Key to Digital Security, How It Works, and Why It Matters Keith Martin
(4/5)
Free
Kill All Normies: Online Culture Wars From 4Chan And Tumblr To Trump And The Alt-Right Angela Nagle
(4/5)
Free
Who Owns the Future? Jaron Lanier
(4/5)
Free
iRules: What Every Tech-healthy Family Needs to Know About Selfies, Sexting, Gaming, and Growing Up Janell Burley Hofmann
(4/5)
Free

Misused top ASNs

  1. 1. November 10th, 2015 - Anurag Bhatia - Hurricane Electric - bdNOG 4 - Sreemongal, Bangladesh - Misused Top ASNs Misused Top ASNs Analysis of AS1, AS2 and AS3 misuse!
  2. 2. November 10th, 2015 - Anurag Bhatia - Hurricane Electric - bdNOG 4 - Sreemongal, Bangladesh - Misused Top ASNs Officially allocated to... AS 1 - Level3 Communications AS 2 - University of Delaware AS 3 - MIT
  3. 3. November 10th, 2015 - Anurag Bhatia - Hurricane Electric - bdNOG 4 - Sreemongal, Bangladesh - Misused Top ASNs How they are “leaked” ?
  4. 4. November 10th, 2015 - Anurag Bhatia - Hurricane Electric - bdNOG 4 - Sreemongal, Bangladesh - Misused Top ASNs Reasons for leak... ● “Copy-paste” of sample prepend configuration “1 2 3” ● Mistakenly typing “1 2 or 3” in prepend rules in route filter / export policy statement
  5. 5. November 10th, 2015 - Anurag Bhatia - Hurricane Electric - bdNOG 4 - Sreemongal, Bangladesh - Misused Top ASNs Impact of leak Hard to determine statistically but ... ● Shows unexpected relationship of leaking AS with top ASN and among top ASNs! ● Considered to be “AS hijack” and bad for trust based BGP routing ● Can result in (wrongly prepended) announcement getting filtered across parts of internet ● Chances of broken connectivity of these routes with top ASNs network due to BGP loop prevention
  6. 6. November 10th, 2015 - Anurag Bhatia - Hurricane Electric - bdNOG 4 - Sreemongal, Bangladesh - Misused Top ASNs AS1 Graph V4
  7. 7. November 10th, 2015 - Anurag Bhatia - Hurricane Electric - bdNOG 4 - Sreemongal, Bangladesh - Misused Top ASNs AS1 Peer V4
  8. 8. November 10th, 2015 - Anurag Bhatia - Hurricane Electric - bdNOG 4 - Sreemongal, Bangladesh - Misused Top ASNs Hunting for leakers... ● Analysis of routing table from multiple RIPE RIS collectors ● Analysis from 2010 to 2015 ● Looking for cases where top ASNs appear in AS_PATH for routes which belong to other ASNs. ● Focus of top ASNs appearance with prepends in the routing table ● Assumption that except AS1, other two top ASNs aren’t transit provider (since belonging to University) ● Leaks which appeared for less then 24hrs are not collected
  9. 9. November 10th, 2015 - Anurag Bhatia - Hurricane Electric - bdNOG 4 - Sreemongal, Bangladesh - Misused Top ASNs Distribution of appearance
  10. 10. November 10th, 2015 - Anurag Bhatia - Hurricane Electric - bdNOG 4 - Sreemongal, Bangladesh - Misused Top ASNs Distribution of leaks (IPv4 Vs IPv6)
  11. 11. November 10th, 2015 - Anurag Bhatia - Hurricane Electric - bdNOG 4 - Sreemongal, Bangladesh - Misused Top ASNs Some of who leaked AS1... AS Number Start Date End Date Visibility in days 5927 22-Jul-2011 3-Dec-2011 134 7046 9-May-2010 11-Jun-2010 33 14758 25-Apr-2013 20-Jun-2013 56 21011 28-Jan-2013 5-Feb-2013 8 21219 28-Jan-2013 5-Feb-2013 8 26114 11-Jun-2013 22-Jul-2015 771 35819 23-Nov-2014 26-Nov-2014 3 40807 7-Jan-2010 24-Apr-2010 107 45899 1-Dec-2014 17-Apr-2015 137 49994 26-Nov-2013 29-Nov-2013 3 50113 31-May-2013 8-Jun-2013 8 51282 3-Nov-2010 19-Nov-2010 16 52931 3-Nov-2010 19-Nov-2010 16 55836 24-Nov-2014 26-Nov-2014 2
  12. 12. November 10th, 2015 - Anurag Bhatia - Hurricane Electric - bdNOG 4 - Sreemongal, Bangladesh - Misused Top ASNs Some of who leaked AS2... AS Number Start Date End Date Visibility in days 12989 14-Oct-2014 26-Oct-2014 12 131211 19-May-2015 22-Jul-2015 64 131713 20-Apr-2015 4-Jun-2015 45 133219 6-Jul-2015 22-Jul-2015 16 17483 30-Jun-2010 7-Jul-2010 7 17658 7-Feb-2014 18-May-2015 465 197706 22-Sep-2011 25-Oct-2011 33 197790 7-Apr-2014 3-Jun-2014 57 197798 18-Jul-2013 26-Aug-2013 39 198040 2-Jan-2015 2-Feb-2015 31 23951 1-Feb-2011 23-Apr-2011 81 262587 29-May-2013 7-Jun-2013 9 262878 20-Aug-2011 25-Aug-2011 5 263042 17-Jul-2013 23-Aug-2013 37
  13. 13. November 10th, 2015 - Anurag Bhatia - Hurricane Electric - bdNOG 4 - Sreemongal, Bangladesh - Misused Top ASNs Some of who leaked AS3... AS Number Start Date End Date Visbility in days 9121 2-Mar-2010 10-Apr-2010 39 21385 28-Feb-2011 2-Mar-2011 2 24523 25-Nov-2011 16-Dec-2011 21 24953 5-Jul-2013 31-Jul-2013 26 25933 26-Jun-2015 29-Jun-2015 3 27969 15-Sep-2013 6-Feb-2015 509 33849 28-Jun-2010 3-Aug-2010 36 35631 2-Apr-2015 9-Apr-2015 7 37162 16-Jul-2014 8-Nov-2014 115 37371 29-Jan-2013 11-Apr-2014 437 38077 17-May-2010 25-May-2010 8 38761 22-Sep-2010 22-Oct-2010 30 41599 7-Jan-2010 30-Mar-2010 82 51002 27-Jul-2010 29-Jul-2010 2 53053 15-Apr-2015 27-May-2015 42
  14. 14. November 10th, 2015 - Anurag Bhatia - Hurricane Electric - bdNOG 4 - Sreemongal, Bangladesh - Misused Top ASNs Route leak visibility (in days)
  15. 15. November 10th, 2015 - Anurag Bhatia - Hurricane Electric - bdNOG 4 - Sreemongal, Bangladesh - Misused Top ASNs Longest leak 1445 days (~3.9 years) for AS1 by AS23383 Sample AS_PATHs 186.65.112.0/20,30132 6939 23520 23383 1 65430 186.65.112.0/20,8283 5580 23520 23383 1 190.185.108.0/22,30132 6939 23520 23383 1 65430 190.185.108.0/22,8283 5580 23520 23383 1
  16. 16. November 10th, 2015 - Anurag Bhatia - Hurricane Electric - bdNOG 4 - Sreemongal, Bangladesh - Misused Top ASNs Most amusing AS_PATH ever! 31019 39326 39326 3356 7029 1614 1614 1614 1614 1 2 3 4 5 TABLE_DUMP_V2|02/02/14 00:00:01|A|195.69.146.99|50763|74.122.136.0 /24|50763 8943 3549 7029 1614 1614 1614 1614 1 2 3 4 5|IGP
  17. 17. November 10th, 2015 - Anurag Bhatia - Hurricane Electric - bdNOG 4 - Sreemongal, Bangladesh - Misused Top ASNs Thankyou! Questions? Peering? Transit requirement? anurag@he.net http://he.net http://as6939.peeringdb.com

×