|
|
2005 SP Infrastructure Security Survey Results
Presentation, Craig Labovitz, Danny McPherson, NANOG-35 Meeting, Oct 2005
A Blueprint for Improving the Robustness of Internet Routing
Georgos Siganos, Michalis Faloutsos, 2005
A PKI for IP Address Space and AS Numbers
Stephen Kent, RIPE-52 Meeting, Apr 2006
A Secure BGP Implementation (bgpd)
Presentation, Henning Brauer, Oct 2004
A Survey of BGP Security (Draft version)
Kevin Butler, Toni Farley, Patrick McDaniel, Jennifer Rexford, 2005
Address Space & AS Number Hijacking
Presentation, Leslie Nobile, Leo Vegoda, RIPE-48 Meeting, May 2004
Aggregated Path Authentication for Efficient BGP Security
Meiyuan Zhao, Sean W. Smith, David M. Nicol, Nov 2005
Alerting Prefix Owners of Hijacks in Near-Real Time
Mohit Lad, NANOG-37 Meeting, Jun 2006
An AS-level IP Traceback System
André O. Castelucio, Ronaldo M. Salles, Artur Ziviani, Dec 2007
APNIC Trial of Certification of IP Addresses and ASes
Presentation, Geoff Huston, RIPE-51 Meeting, Oct 2005
Application Note: Securing BGP on Juniper Routers
Guidelines, Maintained by Stephen Gill
Authentication for TCP-based Routing and Management Protocols
Ron Bonica, Andrew Lange, Sriram Viswanathan, Brian Weis, NANOG-37 Meeting, Jun 2006
Auto-Detecting Hijacked Prefixes
Presentation, Geoff Huston, RIPE-50 Meeting, May 2005
Autonomous Security for Autonomous Systems
Josh Karlin, Stephanie Forrest, Jennifer Rexford, Mar 2008
Best Practices for Securing Routing Protocols
Cisco Systems, 2004
BGP/MPLS Layer 3 VPNs
Presentation, Ina Minei, NANOG-30 Meeting, Feb 2004
BGP Attack Trees: Real World Examples
Presentation, Sue Hares, NANOG-28, Jun 2003
BGP Filtering - Myths, Legends and Reality: Peer Filtering in the Modern Backbone
Jim Deleskie, Tom Scholl, Todd Underwood, Alin Popescu, NANOG-35 Meeting, Oct 2005
BGP Flow Specification Deployment Experience
Derek Gassen, Raul Lozano, Danny McPherson, Craig Labovitz, NANOG-38 Meeting, Oct 2006
BGP Flow Specification Deployment ExperienceL Flowspec Examples
Derek Gassen, Raul Lozano, Danny McPherson, Craig Labovitz, NANOG-38 Meeting, Oct 2006
BGP MD5: Good, Bad, Ugly?
Tom Scholl, NANOG-39 Meeting, Feb 2007
BGP Prefix Filtering
Cisco ISP Security Bootcamp, 2002
BGP Protection Without Global Cooperation
Josh Karlin, Stephanie Forrest, Jennifer Rexford, NANOG-41 Meeting, Oct 2007
BGP Security
Russ Housley, RIPE-52 Meeting, Apr 2006
BGP Security
 (Powerpoint)
Presentation, Russ White, 2001-2003
BGP Security Requirements - An Overview of Current Work in the IETF (1)
Tony Tauber et al, NANOG-33 Meeting, Feb 2005
BGP Security Requirements - An Overview of Current Work in the IETF (2)
Tony Tauber et al, NANOG-33 Meeting, Feb 2005
BGP Security Update
Presentation, Barry Raveendran Greene, NANOG-25 Meeting, Jun 2002
BGP Security, Just Add Peers!
(Powerpoint)
Presentation, Rob Thomas, May 2002
BGP Security Vulnerabilities Analysis
IETF RFC 4272, S. Murphy, Jan 2006
BGP Support for TTL Security Check - Cisco IOS
Documentation, Cisco Systems, 2003
BGP Vulnerability Testing: Separating Fact from FUD v1.00
Presentation, Sean Convery, Matthew Franz, NANOG-28 Meeting, Jun 2003
BlackHole Route Server and Tracking Traffic on an IP Network (How to Track a DoS Attack)
Chris Morrow, Brian Gemberling, 2001
Border Gateway Protocol Security - NIST Recommendations
Rick Kuhn, Kotikalapudi Sriram, Doug Montgomery, NIST Special Publication 800-54, Jul 2007
Building an Early Warning System in a Service Provider Network
Presentation, Nicolas Fischbach, Black Hat Briefings Europe, 2004
Comparing BGP/MPLS and IPSec VPNs
Whitepaper, Gary Alterson, Sans InfoSec Reading Room, Jan 2002
Configuring BGP to Block Denial-of-Service Attacks
IETF RFC 3882, Doughan Turk, Sep 2004
Don't Secure Routing Protocols, Secure Data Delivery
Dan Wendlandt, Ioannis Avramopoulos, David Andersen, Jennifer Rexford, Nov 2006
Effects of Worms on Internet Routing Stability
Article, Ido Dubrawsky, SecurityFocus InFocus Article, Jun 2003
Efficient Security for BGP Route Announcements
Whitepaper, David M. Nicol et al, Feb 2003
Efficient Security Mechanisms for Routing Protocols
Whitepaper, Yih-Chun Hu et al, Network and Distributed System Security Symposium Symposium, 2003
Evolving the Core: Deployment Challenges and the Internet
Presentation, J. Scott Marcus, NANOG-32 Meeting, Oct 2004
Flooding Attacks by Exploiting Persistent Forwarding Loops
Jianhong Xia, Lixin Gao, Teng Fei, NANOG-36 Meeting, Feb 2006
Generic Threats to Routing Protocols
IETF RFC 4593, A. Barbir, S. Murphy, Y. Yang, Oct 2006
How Small Groups can Secure Interdomain Routing
Ioannis Avramopoulos, Martin Suchara, Jennifer Rexford, Nov 2007
How to Allow Customers to Blackhole their own Traffic
Chris Morrow, Brian Gemberling, et al, 2002-2004
How to Securely use SNMP on a BGP/MPLS VPN Network
Whitepaper, Guillaume Tamboise, Sans InfoSec Reading Room, Apr 2002
Identifying Compromised Hosts by Analyzing Real-Time Blacklists
Presentation, Rick Wesson, NANOG-35 Meeting, Oct 2005
IETF Operational Security Capabilities for IP Network Infrastructure Working Group (OPSEC)
Working Group, Internet Engineering Task Force (IETF)
IETF Routing Protocol Security Requirements Working Group (RPSEC)
Working Group, Internet Engineering Task Force (IETF)
IETF Secure Inter-Domain Routing Working Group (SIDR)
Working Group, Internet Engineering Task Force (IETF)
Implications of Securing Backbone Router Infrastructure
(Powerpoint)
Presentation, Ryan McDowell, NANOG-31 Meeting, May 2004
Improving the Security and Robustness of Internet Routing
Presentation, Georgos Siganos, Michalis Faloutsos, RIPE-51 Meeting, Oct 2005
Infrastructure Security
Presentation, Nicolas Fischbach, RIPE-46 Meeting, Sep 2003
Ingress Filtering for Multihomed Networks
IETF RFC 3704 / BCP 84, F. Baker, P. Savola, Mar 2004
Ingress Prefix Filter Template; for eBGP sessions with other ISPs (Loose mode)
Guidelines, Maintained by Barry Greene et al
Ingress Prefix Filter Template; for eBGP sessions with other ISPs (Strict mode)
Guidelines, Maintained by Barry Greene et al
Internet Hardening via Routing Registries
Larry Blunk, Manish Karir, 2005
IP Anti Spoofing: How to Avoid the "Bad Guys"
Juan Pedro Cerezo, Fernando García, RIPE-54 Meeting, May 2007
IP Backbone Security
(Powerpoint)
Presentation, Nicolas Fischbach, Sébastien Lacoste-Seris, Black Hat Briefings, Jul 2002
IP Hijacking
Presentation, David J. Bowie, MIT Security Camp, 2003
Is the Border Gateway Protocol Safe?
Whitepaper, Sargon Elias, Sans InfoSec Reading Room, Apr 2003
ISP Security 101 - Peers Working Together to Battle Attacks on the Net
(Powerpoint)
Barry Greene, Roland Dobbins, NANOG-36 Meeting, Feb 2006
JunOS Loose ISP Prefix Filter Template
Maintained by Stephen Gill
JunOS Strict ISP Filter Prefix Template
Maintained by Stephen Gill
Key Change Strategies for TCP-MD5
IETF RFC 4808, S. Bellovin, Mar 2007
Known Threats to Routing Protocols
Presentation, Dennis Beard, Yi Yang, Nov 2002
Layer 3 MPLS/VPN Security Considerations
Whitepaper, Cisco, Oct 2003
Listen and Whisper: Security Mechanisms for BGP
Whitepaper, Lakshminarayanan Subramanian et al, Mar 2004
Listen and Whisper: Security Mechanisms for BGP
Presentation, L. Subramanian, V. Roth, I. Stoica, S. Shenker, and R.H. Katz, NANOG-30 Meeting, Feb 2004
Marcus Sachs on Securing the Homeland (Full mp3-interview here)
Article, Dan Farber, ZDnet, Jun 2005
Mining Anomalies in Network-Wide Flow Data
(Powerpoint)
Presentation, Anukool Lakhina, Mark Crovella, Christophe Diot, NANOG-35 Meeting, Oct 2005
Network Core Infrastructure Protection - Best Practices
Yusuf Bhaiji, NANOG-42 Meeting, Feb 2008
Network Ingress Filtering: Defeating Denial of Service Attacks which employ IP Source Address Spoofing
IETF RFC 2827 / BCP 38, P. Ferguson, D. Senie, May 2000
Operational Security Current Practices
Merike Kaeo et al, NANOG-37 Meeting, Jun 2006
Operational Security Requirements for Large ISP IP Network Infrastructure
IETF RFC 3871, G. Jones, Ed., Sep 2004
Options for Blackhole and Discard Routing - Tutorial
Presentation, Joseph M. Soricelli, Wayne Gustavus, NANOG-32 Meeting, Oct 2004
Origin Authentication in Interdomain Routing
Whitepaper, William Aiello, John Ioannidis, Patrick McDaniel, Oct 2003
Overloading BGP for VPN Can Be Harmful
InformIT.com Article by Ruixi Yuan, Jan 2002
PHAS: A Prefix Hijack Alert System (Presentation)
Dan Massey, Yan Chen, Mohit Lad, Lixia Zhang, Beichuan Zhang, NANOG-38 Meeting, Oct 2006
PHAS: A Prefix Hijack Alert System (Paper)
Mohit Lad, Dan Massey, Dan Pei, Yiguo Wu, Beichuan Zhang, Lixia Zhang, Jul 2006
Position Paper: Operational Requirements for Secured BGP
Steven M. Bellovin, John Ioannidis, Randy Bush, Mar 2005
Prefix Filtering, Black Holes, and Protecting Your Business
David Barak, Barry Raveendran, Mark Prior, NANOG-43 Meeting, Jun 2008
Pretty Good BGP and the Internet Alert Registry
Josh Karlin, Stephanie Forrest, Jennifer Rexford, NANOG-37 Meeting, Jun 2006
Pretty Secure BGP (psBGP)
Tao Wan, Evangelos Kranakis, P.C. van Oorschot, 2005
Protecting Routing Infrastructures from Denial-of-Service using Cooperative Intrusion Detection
Whitepaper, Steven Cheung, Karl N. Levitt
Protecting the BGP Routes to Top Level DNS Servers
Presentation, Daniel Massey, Randy Bush, et al, NANOG-25 Meeting, Jun 2002
Protecting the Router Control Plane
IETF RFC 6192, D. Dugal, C. Pignataro, R. Dunn, Mar 2011
Recommended Internet Service Provider Security Services and Procedures
IETF RFC 3013, T. Killalea, Nov 2000
Remote Triggering Black Hole Filtering
Whitepaper, Cisco, 2002
RIR Resource Certification: Some Lessons Learned from Designing the Resource PKI
Geoff Huston, RIPE-54 Meeting, May 2007
Routing Policy System Security
IETF RFC 2725, C. Villamizar et al, Dec 1999
Routing Protocols Security Working Group Website
Website, Maintained by Russ White et al
Routing Security
Presentation, Steven M. Bellovin, Jun 2003
SBGP - Secure BGP
Presentation, Steven M. Bellovin, Jun 2003
Secure BGP Project (S-BGP)
Website, BBN Technologies, Internetwork Research Department
Secure BGP Template for Cisco IOS
Guidelines, Maintained by Rob Thomas, updated regularly
Secure BGP Template for Juniper JunOS
Guidelines, Maintained by Stephen Gill, updated regularly
Secure Border Gateway Protocol (Secure-BGP)
Whitepaper, Stephen Kent, Charles Lynn, Karen Seo, IEEE Journal on Selected Areas in Communications, Apr 2000
Secure Border Gateway Protocol (S-BGP)
Presentation, Charles Lynn, Network and Distributed Systems Security Symposium, Feb 1999
Secure Cisco IOS Template
Guidelines, Maintained by Rob Thomas
Secure Juniper JunOS Template
Guidelines, Maintained by Stephen Gill
Secure Origin BGP (soBGP)
Presentation, David Cook, RIPE-45 Meeting, May 2003
Secure Protocols for the Routing Infrastructure (SPRI) Initiative - A Roadmap
Sparta/DHS.gov, Sep 2006
Secure Riverstone ROS Template
Guidelines, Maintained by Andy Walden
Securing a Core Network - Presentation
Presentation, Michael Behringer, Christian Panigl, RIPE-49 Meeting, Sep 2004
Securing a Core Network - Discussion
Presentation, Michael Behringer, Christian Panigl, RIPE-49 Meeting, Sep 2004
Securing BGP Incrementally
Martin Suchara, Ioannis Avramopoulos, Jennifer Rexford, Dec 2007
Securing BGP on Juniper Routers
Guidelines, Stephen Gill, Apr 2003
Securing Inter-Domain Routing
Column, Geoff Huston, Mar 2005
Securing Routing - An ISP's Perspective
Column, Geoff Huston, Feb 2005
Securing the Border Gateway Protocol: A Status Update
Whitepaper, Stephen T. Kent, 2003
Securing the Border Gateway Protocol: S-BGP
Article, Cisco Internet Protocol Journal (IPJ), Stephen T. Kent, Sep 2003
Securing the Border Gateway Protocol: SoBGP (Secure Origin BGP)
Article, Cisco Internet Protocol Journal (IPJ), Russ White, Sep 2003
Securing the Routing Infrastructure: Status and Request for Comments
Sandra Murphy, NANOG-39 Meeting, Feb 2007
Security and Accuracy of Interdomain Routing
Presentation, Geoffrey Goodell, et al, NANOG-27 Meeting, Feb 2003
Security and Predictability: Two Missing Pieces in BGP
Whitepaper, Lakshmi Subramanian, Workshop on Internet Routing Evolution and Design, Oct 2003
Security and Predictability: Two Missing Pieces in BGP
(Powerpoint)
Presentation, Lakshmi Subramanian, Workshop on Internet Routing Evolution and Design, Oct 2003
Security in Core Networks - An Overview
Presentation, Eric Vyncke, Cisco, 2003
Security Issues Affecting Internet Transit Points and Backbone Providers
(Powerpoint)
Presentation, Batz, Black Hat Briefings, Jul 1999
Security Toolsets for ISP Defense - Backbone Practices
Presentation, Timothy A. Battles, NANOG-32 Meeting, Oct 2004
Seguridad en BGP
(in Spanish)
Article, Saulo Barajas, 2003
Service Provider Security Primer 101
Various authors, NANOG-43 Meeting, Jun 2008
Short-Lived Prefix Hijacking on the Internet
Peter Boothe, James Hiebert, Randy Bush, NANOG-36 Meeting, Feb 2006
$tea£ing with BGP
Presentation, Stephan Dugan, Black Hat Briefings, Feb 2003
Stealing the Internet: An Internet Scale Man In The Middle Attack (BGP MitM)
(Powerpoint)
Alex Pilosov, Tony Kapela, Defcon Conference, Aug 2008
Strategic Deployment of Network Monitors for Attack Distribution
Young June Pyun, Douglas S. Reeves, 2007
Study of BGP Peering Session Attacks and Their Impacts on Routing Performance
Kotikalapudi Sriram, Doug Montgomery, Oliver Borchert, Okhee Kim, D. Richard Kuhn, Oct 2006
Threats Relating to IPv6 Multihoming Solutions
IETF RFC 4218, E. Nordmark, T. Li, Oct 2005
Threats to Internet Routing and Global Connectivity
Earl Zmijewski, 20th Annual FIRST Conference, Jun 2008
Threats to Security in the Exchange of Traffic between Internet Service Providers: Description and Testing of Vulnerabilities
Swedish National Post and Telecom Agency (PTS), Report PTS-ER-2007:14, Anders Rafting, Apr 2007
Understanding the Network-Level Behavior of Spammers
Anirudh Ramachandran, Nick Feamster, Sep 2006
Using Link Cuts to Attack Internet Routing
Steven M. Bellovin, Emden R. Gansner, May 2003
Using X.509 v3 Resource Certificates in RIR Resource Allocations
Geoff Huston, RIPE-53 Meeting, Oct 2006
What S-BGP Means for RIPE & RIPE Members
Presentation, Stephen Kent, RIPE-45 Meeting, May 2003
Where the Wild Things Are: BGP Threats
Presentation, Steven M. Bellovin, Jun 2003
Working Around BGP: An Incremental Approach to Improving Security and Accuracy of Interdomain Routing
Whitepaper, Geoffrey Goodell et al, 2003
|
Related Reading
