> Way overdue! In the last 4 weeks, I've had at least 20 diff > conversations with FSI Network operators re: BGP hijacking, how to > detect and in the future, mitigate with higher levels of success. Come > on BGP RPKI/ROA adaption. I found the easiest way is via ISP pressure > to implement dropping invalid routes.
to remind, ROV is a safety mechanism, not a security mechanism. it is proving, as intended, to mitigate mistakes. which is very cool. but it does not mitigate attacks of any sophistication. randy
