[Cisl-comunidade] internet privacy using open source: ExaBGP - A tool to interact with Border Gateway Protocol
Andre Felipe Machado
andre.machado em serpro.gov.br
Quinta Setembro 19 15:24:45 BRT 2013
ExaBGP is an application designed to provide an easy way for programmers and system admistrators to interact with BGP networks. The program is designed to allow the injection of arbitrary routes into a network, including IPv6 and FlowSpec.
https://github.com/Thomas-Mangin/exabgp
http://en.wikipedia.org/wiki/Border_Gateway_Protocol
Many security professionals are currently using NetFlow to monitor their network and react to DDOS attacks. By centralising their traffic information in one place, they are able to correlate the information and detect more and more advanced attacks.
Many networks then use BGP to blackhole the destination IP of the attack at their edge, protecting their network core but still allowing the attacker to succeed.
RFC 5575 , better known as FlowSpec, was designed to help security professionals react to such attacks in a more fine grained manner, by allowing precise filtering rules to be deployed, through BGP, to routers with advanced ASICS features.
ExaBGP is an open source implementation of a route injector able to generate and propagate Flow Routes.
https://labs.ripe.net/Members/thomas_mangin/content-exabgp-new-tool-interact-bgp
A good hands-on article for evaluation in order to benchmark:
http://vincent.bernat.im/en/blog/2013-exabgp-highavailability.html
--
André Felipe Machado
CEAGO/COTSC/COSTE
As Lou Gerstner, former Chairman
and CEO of IBM, observed: 'I came to see, in my time at IBM that culture
isn’t just one aspect of the game; it *IS* the game.'
-------------
-
"Esta mensagem do SERVIÇO FEDERAL DE PROCESSAMENTO DE DADOS (SERPRO), empresa pública federal regida pelo disposto na Lei Federal nº 5.615, é enviada exclusivamente a seu destinatário e pode conter informações confidenciais, protegidas por sigilo profissional. Sua utilização desautorizada é ilegal e sujeita o infrator às penas da lei. Se você a recebeu indevidamente, queira, por gentileza, reenviá-la ao emitente, esclarecendo o equívoco."
"This message from SERVIÇO FEDERAL DE PROCESSAMENTO DE DADOS (SERPRO) -- a government company established under Brazilian law (5.615/70) -- is directed exclusively to its addressee and may contain confidential data, protected under professional secrecy rules. Its unauthorized use is illegal and may subject the transgressor to the law's penalties. If you're not the addressee, please send it back, elucidating the failure."
More information about the Cisl-comunidade
mailing list