263:
to another, causing the end customer to become the new, best-path to the prefixes in question. For example, a customer with a Cisco router peering with say AT&T and
Verizon and using no filtering will automatically attempt to link the two major carriers, which could cause the providers to prefer sending some or all traffic through the customer (on perhaps a T1), instead of using high-speed dedicated links. This problem can further affect others that peer with these two providers and also cause those ASs to prefer the misconfigured link. In reality, this problem hardly ever occurs with large ISPs, as these ISPs tend to restrict what an end customer can advertise. However, any ISP not filtering customer advertisements can allow errant information to be advertised into the global routing table where it can affect even the large Tier-1 providers.
271:. Once located, an attacker can potentially advertise any prefix they want, causing some or all traffic to be diverted from the real source towards the attacker. This can be done either to overload the ISP the attacker has infiltrated, or to perform a DoS or impersonation attack on the entity whose prefix is being advertised. It is not uncommon for an attacker to cause serious outages, up to and including a complete loss of connectivity. In early 2008, at least eight US Universities had their traffic diverted to Indonesia for about 90 minutes one morning in an attack kept mostly quiet by those involved. Also, in February 2008, a large portion of YouTube's address space was redirected to Pakistan when the
279:
permissible prefixes each AS can originate. The penalty for allowing errant information to be advertised can range from simple filtering by other/larger ISPs to a complete shutdown of the BGP session by the neighboring ISP (causing the two ISPs to cease peering), and repeated problems often end in permanent termination of all peering agreements. It is also noteworthy that even causing a major provider to block or shutdown a smaller, problematic provider, the global BGP table will often reconfigure and reroute the traffic through other available routes until all peers take action, or until the errant ISP fixes the problem at the source.
367:(AS12389) originated 37 prefixes for numerous other Autonomous Systems. The hijacked prefixes belonged to financial institutions (most notably MasterCard and Visa), other telecom companies, and a variety of other organizations. Even though the possible hijacking lasted no more than 7 minutes it is still not clear if the traffic got intercepted or modified.
25:
238:
That is, an announcement from an
Autonomous System (AS) of a learned BGP route to another AS violates the intended policies of the receiver, the sender, and/or one of the ASes along the preceding AS path." Such leaks are possible because of a long-standing "…systemic vulnerability of the Border Gateway Protocol routing system…"
429:
February 2021: Initially reported that
Cablevision Mexico (AS28548) leaked 282 prefixes creating conflicts for 763 ASNs in 80 countries, with the main impact in Mexico. Data from the Isolario MRT dump suggested that 7,200 IPv4 prefixes were announced and leaked to AS1874 impacting more than 1290 ASNs
262:
By default EBGP peers will attempt to add all routes received by another peer into the device's routing table and will then attempt to advertise nearly all of these routes to other EBGP peers. This can be a problem as multi-homed organizations can inadvertently advertise prefixes learned from one AS
237:
When a router promulgates flawed BGP routing information, whether that action is intentional or accidental, it is defined by the
Internet Engineering Task Force (IETF) in RFC 7908 as a "route leak". Such leaks are described as "the propagation of routing announcement(s) beyond their intended scope.
286:
and is frequently used by root DNS servers to allow multiple servers to use the same IP address, providing redundancy and a layer of protection against DoS attacks without publishing hundreds of server IP addresses. The difference in this situation is that each point advertising a prefix actually
425:
June 2019: Large
European mobile traffic was rerouted through China Telecom (AS4134) "This route leak began when SafeHost (AS21217) announced more than forty-thousand IPv4 routes that had been learned from other peers and providers to its provider China Telecom (AS 4134). …In turn, China Telecom
254:
involves intrusion into an ongoing BGP session, i.e., the attacker successfully masquerades as one of the peers in a BGP session, and requires the same information needed to accomplish the reset attack. The difference is that a session hijacking attack may be designed to achieve more than simply
278:
While filtering and MD5/TTL protection is already available for most BGP implementations (thus preventing the source of most attacks), the problem stems from the concept that ISPs rarely ever filter advertisements from other ISPs, as there is no common or efficient way to determine the list of
223:(RPKI) is designed to authenticate route origins via cryptographic certificate chains demonstrating address block range ownership but is not widely deployed yet. Once deployed, IP hijacking through errant issues at the origin (via accident or intent) should be detectable and filterable.
119:, to talk to any other, anywhere in the world. This is achieved by passing data from one router to another, repeatedly moving each packet closer to its destination, until it is delivered. To do this, each router must be regularly supplied with up-to-date
356:
February, 2014: Canadian ISP used to redirect data from ISPs. - In 22 incidents between
February and May a hacker redirected traffic for roughly 30 seconds each session. Bitcoin and other crypto-currency mining operations were targeted and currency was
211:
Common to these ways is their disruption of the normal network routing: packets end up being forwarded towards the wrong part of the network and then either enter an endless loop (and are discarded), or are found at the mercy of the offending AS.
184:
Although security extensions are available for BGP, and third-party route DB resources exist for validating routes, by default the BGP protocol is designed to trust all route announcements sent by peers. Few ISPs rigorously enforce checks on BGP
433:
April 2021: Large BGP routing leak out of India: over 30,000 BGP prefixes hijacked via
Vodafone Idea Ltd (AS55410) causing 13X spike in inbound traffic. Prefixes were from around the globe but mostly US including Google, Microsoft, Akamai, and
437:
February 2022: Attackers hijacked BGP prefixes that belonged to a South Korean cryptocurrency platform, and then issued a certificate on the domain via ZeroSSL to serve a malicious JavaScript file, stealing $ 1.9 million worth of
326:
leaked their internal table into the global BGP table. It lasted over 5 minutes. Although, it was detected by a RIPE route server and then it was not propagated, affecting practically only their own ISP customers and few
266:
The concept of BGP hijacking revolves around locating an ISP that is not filtering advertisements (intentionally or otherwise) or locating an ISP whose internal or ISP-to-ISP BGP session is susceptible to a
215:
Typically ISPs filter BGP traffic, allowing BGP advertisements from their downstream networks to contain only valid IP space. However, a history of hijacking incidents shows this is not always the case.
341:(ROS - Special Operations Group of the Italian National Military police) in regaining access to Remote Access Tool (RAT) clients after they abruptly lost access to one of their control servers when the
323:
150:
each are an AS. Each AS has its own unique AS identifier number. BGP is the standard routing protocol used to exchange information about IP routing between autonomous systems.
1368:: A service of reputation-based trust management and real-time alert (prefix hijacking, unstable prefix announcement), for inter-domain routing by University of Pennsylvania.
457:
1292:
409:, were hijacked by eNet (or a customer thereof), an ISP in Columbus, Ohio. Several peering partners, such as Hurricane Electric, blindly propagated the announcements.
255:
bringing down a session between BGP peers. For example, the objective may be to change routes used by the peer, in order to facilitate eavesdropping, black holing, or
1051:
207:
An AS announces that it can route traffic to the hijacked AS through a shorter route than is already available, regardless of whether the route exists.
819:
712:
1159:
765:
687:
538:
272:
46:
849:
878:
480:
220:
1138:
338:
71:
794:
422:
May 2019: Traffic to a public DNS run by Taiwan
Network Information Center (TWNIC) was rerouted to an entity in Brazil (AS268869).
167:
is inside AS 64496, then that AS will advertise to its provider(s) and/or peer(s) that it can deliver any traffic destined for
53:
1359:
928:
275:
decided to block access to the site from inside the country, but accidentally blackholed the route in the global BGP table.
138:
A group of networks that operates under a single external routing policy is known as an autonomous system. For example,
128:
40:
1116:
1310:
1387:
186:
1208:
320:
1273:
268:
231:
1251:
475:
104:
827:
716:
153:
Each AS uses BGP to advertise prefixes that it can deliver traffic to. For example, if the network prefix
1095:
1349:
1230:
591:
566:
35:
510:
413:
402:
1362:: A Real Time BGP Topology visualization and IP Hijacking Detection tool by University of Memphis.
349:
became permanently unreachable. ROS and the
Hacking Team worked with the Italian network operator
773:
391:
139:
977:
1001:
857:
820:"Brazil Leak: If a tree falls in the rainforest - Dyn Research | The New Home Of Renesys"
251:
691:
353:(AS31034) to get the prefix announced in BGP in order to regain access to the control server.
342:
204:
An AS announces a more specific prefix than what may be announced by the true originating AS.
1392:
1343:: A BGP specific monitoring system to detect prefix hijacks, route leakage and instability.
738:
449:
442:
387:
297:
287:
has access to the real data (DNS in this case) and responds correctly to end user requests.
256:
247:
795:"YouTube Hijacking: A RIPE NCC RIS case study - News & Announcements from the RIPE NCC"
115:
The
Internet is a global network that enables any connected host, identified by its unique
1353:
1073:
485:
470:
406:
45:
Written in a conversational tone. Help rewrite this article as encyclopedic content. See
798:
1381:
506:
120:
1160:"For two hours, a large chunk of European mobile traffic was rerouted through China"
662:
565:
Birge-Lee, Henry; Sun, Yixin; Edmundson, Annie; Rexford, Jennifer; Mittal, Prateek.
226:
IP hijacking is sometimes used by malicious users to obtain IP addresses for use in
902:
350:
334:
879:"How Hacking Team Helped Italian Special Operations Group with BGP Routing Hijack"
1293:"Some Twitter traffic briefly funneled through Russian ISP, thanks to BGP mishap"
1186:
616:
640:
201:
An AS announces that it originates a prefix that it does not actually originate.
1365:
1026:
460:
that required Malaysian ISP to Implement DNS Redirection by September 30, 2024
412:
July 2018: Iran Telecommunication Company (AS58224) originated 10 prefixes of
395:
375:
364:
116:
952:
309:
January 22, 2006: Con Edison Communications hijacks big chunk of the Internet
1311:"MCMC Now Orders DNS Redirection From All ISPs By 30 September - Lowyat.NET"
1052:"Suspicious event hijacks Amazon traffic for 2 hours, steals cryptocurrency"
383:
197:
IP hijacking can occur deliberately or by accident in one of several ways:
123:. At the global level, individual IP addresses are grouped together into
666:
379:
227:
124:
100:
1374:: List of ISPs that implement Resource Public Key Infrastructure (RPKI).
903:"Hacker Redirects Traffic From 19 Internet Providers to Steal Bitcoins"
453:
419:
November 2018: US-based China Telecom site originated Google addresses.
313:
283:
147:
143:
99:) is the illegitimate takeover of groups of IP addresses by corrupting
766:"Con-Ed Steals the 'Net - Dyn Research | The New Home Of Renesys"
371:
1074:"Telegram traffic from around the world took a detour through Iran"
398:, and others, were announced by a Russian AS, DV-LINK-AS (AS39523).
131:(AS), and the routing tables between ASes are maintained using the
1356:: A BGP network audit tool (prefix hijack, route leakage) by UCLA
1164:
370:
December 2017: Eighty high-traffic prefixes normally announced by
1139:"Large European routing leak sends traffic through China Telecom"
929:"Iran's porn censorship broke browsers as far away as Hong Kong"
739:"Analysis of BGP Prefix Origins During Google's May 2005 Outage"
1187:"BGP Route Leak Incident Review: A Closer Look at a Route Leak"
1337:: A real-time BGP connectivity and security monitoring system.
132:
18:
1346:
1371:
1334:
641:"Problem Definition and Classification of BGP Route Leaks"
953:"BGP Hijacking overview - Recent BGP Hijacking Incidens"
316:
access within their country takes down YouTube entirely.
303:
December 24, 2004: TTNet in Turkey hijacks the Internet
1209:"Major Route Leak by AS28548 – Another BGP Optimizer?"
1117:"Public DNS in Taiwan the latest victim to BGP hijack"
324:
CTBC - Companhia de Telecomunicações do Brasil Central
127:. These prefixes will be originated, or owned, by an
663:"Technology | Pakistan lifts the ban on YouTube"
1340:
978:"BGPstream and The Curious Case of AS12389 | BGPmon"
1252:"KlaySwap crypto users lose funds after BGP hijack"
713:"Renesys Blog: Internet-Wide Catastrophe—Last Year"
458:Malaysian Communications and Multimedia Commission
282:One useful offshoot of this concept is called BGP
511:"Practical Defenses Against BGP Prefix Hijacking"
617:"Revealed: The Internet's Biggest Security Hole"
330:April 8, 2010: Chinese ISP hijacks the Internet
312:February 24, 2008: Pakistan's attempt to block
1274:"BGP Hijacking of Twitter Prefix by RTComm.ru"
363:April 2017: Russian telecommunication company
567:"Using BGP to Acquire Bogus TLS Certificates"
401:April 2018: Roughly 1300 IP addresses within
360:January 2017: Iranian pornography censorship.
8:
592:"An Overview of BGP Hijacking - Bishop Fox"
505:Zhang, Zheng; Zhang, Ying; Hu, Y. Charlie;
426:accepted these routes and propagated them…"
1096:"Internet Vulnerability Takes Down Google"
1002:"Popular Destinations rerouted to Russia"
72:Learn how and when to remove this message
16:Attack on Internet routing infrastructure
497:
47:Knowledge (XXG) Policies and guidelines
456:DNS IP Address on following orders by
306:May 7, 2005: Google's May 2005 Outage
242:BGP hijacking and transit-AS problems
7:
103:routing tables maintained using the
1231:"A major BGP route leak by AS55410"
539:"Breaking HTTPS with BGP Hijacking"
850:"Chinese ISP hijacks the Internet"
481:Resource Public Key Infrastructure
445:hijacked a prefix used by Twitter.
221:Resource Public Key Infrastructure
14:
1229:Siddiqui, Aftab (26 April 2021).
339:Raggruppamento Operativo Speciale
319:November 11, 2008: The Brazilian
23:
1207:Siddiqui, Aftab (13 Feb 2021).
927:Brandom, Russell (2017-01-07).
737:Tao Wan; Paul C. van Oorschot.
688:"7007: From the Horse's Mouth"
1:
232:distributed denial-of-service
848:Toonk, Andree (2010-04-08).
772:. 2006-01-23. Archived from
590:Julian, Zach (2015-08-17).
43:. The specific problem is:
1409:
615:Zetter, Kim (2008-08-26).
87:(sometimes referred to as
39:to meet Knowledge (XXG)'s
1291:Goodin (29 March 2022).
430:from over 100 countries.
269:man-in-the-middle attack
476:Border Gateway Protocol
133:Border Gateway Protocol
105:Border Gateway Protocol
537:Gavrichenkov, Artyom.
518:University of Michigan
452:hijacked Cloudflare's
571:Princeton University
405:space, dedicated to
54:improve this article
403:Amazon Web Services
1352:2008-06-28 at the
1254:. 14 February 2022
414:Telegram Messenger
392:NTT Communications
296:April 1997: The "
1388:Internet security
252:session hijacking
129:autonomous system
82:
81:
74:
41:quality standards
32:This article may
1400:
1372:Is BGP safe yet?
1322:
1321:
1319:
1318:
1307:
1301:
1300:
1288:
1282:
1281:
1270:
1264:
1263:
1261:
1259:
1248:
1242:
1241:
1239:
1237:
1226:
1220:
1219:
1217:
1215:
1204:
1198:
1197:
1195:
1193:
1183:
1177:
1176:
1174:
1172:
1156:
1150:
1149:
1147:
1145:
1135:
1129:
1128:
1126:
1124:
1113:
1107:
1106:
1104:
1102:
1092:
1086:
1085:
1083:
1081:
1070:
1064:
1063:
1061:
1059:
1048:
1042:
1041:
1039:
1037:
1027:"Born to Hijack"
1023:
1017:
1016:
1014:
1012:
998:
992:
991:
989:
988:
974:
968:
967:
965:
964:
949:
943:
942:
940:
939:
924:
918:
917:
915:
914:
899:
893:
892:
890:
889:
875:
869:
868:
866:
865:
856:. Archived from
845:
839:
838:
836:
835:
826:. Archived from
816:
810:
809:
807:
806:
797:. Archived from
791:
785:
784:
782:
781:
762:
756:
755:
753:
752:
746:Ccsl.carleton.ca
743:
734:
728:
727:
725:
724:
715:. Archived from
709:
703:
702:
700:
699:
690:. Archived from
684:
678:
677:
675:
674:
659:
653:
652:
650:
648:
637:
631:
630:
628:
627:
612:
606:
605:
603:
602:
587:
581:
580:
578:
577:
562:
556:
555:
553:
552:
543:
534:
528:
527:
525:
524:
515:
502:
450:Telekom Malaysia
448:September 2024:
298:AS 7007 incident
291:Public incidents
257:traffic analysis
248:TCP reset attack
179:
178:
175:
172:
165:
164:
161:
158:
89:prefix hijacking
77:
70:
66:
63:
57:
27:
26:
19:
1408:
1407:
1403:
1402:
1401:
1399:
1398:
1397:
1378:
1377:
1354:Wayback Machine
1331:
1326:
1325:
1316:
1314:
1309:
1308:
1304:
1290:
1289:
1285:
1272:
1271:
1267:
1257:
1255:
1250:
1249:
1245:
1235:
1233:
1228:
1227:
1223:
1213:
1211:
1206:
1205:
1201:
1191:
1189:
1185:
1184:
1180:
1170:
1168:
1158:
1157:
1153:
1143:
1141:
1137:
1136:
1132:
1122:
1120:
1115:
1114:
1110:
1100:
1098:
1094:
1093:
1089:
1079:
1077:
1072:
1071:
1067:
1057:
1055:
1054:. 24 April 2018
1050:
1049:
1045:
1035:
1033:
1025:
1024:
1020:
1010:
1008:
1000:
999:
995:
986:
984:
976:
975:
971:
962:
960:
959:. 24 April 2018
951:
950:
946:
937:
935:
926:
925:
921:
912:
910:
901:
900:
896:
887:
885:
877:
876:
872:
863:
861:
847:
846:
842:
833:
831:
818:
817:
813:
804:
802:
793:
792:
788:
779:
777:
764:
763:
759:
750:
748:
741:
736:
735:
731:
722:
720:
711:
710:
706:
697:
695:
686:
685:
681:
672:
670:
661:
660:
656:
646:
644:
639:
638:
634:
625:
623:
614:
613:
609:
600:
598:
589:
588:
584:
575:
573:
564:
563:
559:
550:
548:
541:
536:
535:
531:
522:
520:
513:
504:
503:
499:
494:
486:Internet outage
471:Bogon filtering
467:
438:cryptocurrency.
407:Amazon Route 53
347:46.166.163.0/24
333:July 2013: The
293:
244:
234:(DDoS) attack.
195:
176:
173:
170:
169:
162:
159:
156:
155:
113:
93:route hijacking
78:
67:
61:
58:
51:
28:
24:
17:
12:
11:
5:
1406:
1404:
1396:
1395:
1390:
1380:
1379:
1376:
1375:
1369:
1363:
1357:
1344:
1338:
1330:
1329:External links
1327:
1324:
1323:
1302:
1283:
1265:
1243:
1221:
1199:
1178:
1151:
1130:
1108:
1087:
1076:. 30 July 2018
1065:
1043:
1018:
993:
969:
944:
919:
894:
870:
840:
811:
786:
757:
729:
704:
679:
654:
632:
607:
582:
557:
529:
507:Mao, Z. Morley
496:
495:
493:
490:
489:
488:
483:
478:
473:
466:
463:
462:
461:
446:
439:
435:
431:
427:
423:
420:
417:
410:
399:
368:
361:
358:
354:
331:
328:
317:
310:
307:
304:
301:
292:
289:
243:
240:
209:
208:
205:
202:
194:
191:
121:routing tables
112:
109:
80:
79:
31:
29:
22:
15:
13:
10:
9:
6:
4:
3:
2:
1405:
1394:
1391:
1389:
1386:
1385:
1383:
1373:
1370:
1367:
1364:
1361:
1358:
1355:
1351:
1348:
1345:
1342:
1339:
1336:
1333:
1332:
1328:
1312:
1306:
1303:
1298:
1294:
1287:
1284:
1279:
1275:
1269:
1266:
1253:
1247:
1244:
1232:
1225:
1222:
1210:
1203:
1200:
1188:
1182:
1179:
1167:
1166:
1161:
1155:
1152:
1140:
1134:
1131:
1119:. 15 May 2019
1118:
1112:
1109:
1097:
1091:
1088:
1075:
1069:
1066:
1053:
1047:
1044:
1032:
1028:
1022:
1019:
1007:
1003:
997:
994:
983:
979:
973:
970:
958:
954:
948:
945:
934:
930:
923:
920:
908:
904:
898:
895:
884:
880:
874:
871:
860:on 2019-04-15
859:
855:
851:
844:
841:
830:on 2013-04-23
829:
825:
821:
815:
812:
801:on 2008-04-05
800:
796:
790:
787:
776:on 2013-03-08
775:
771:
767:
761:
758:
747:
740:
733:
730:
719:on 2008-02-28
718:
714:
708:
705:
694:on 2009-02-27
693:
689:
683:
680:
668:
664:
658:
655:
642:
636:
633:
622:
618:
611:
608:
597:
593:
586:
583:
572:
568:
561:
558:
547:
540:
533:
530:
519:
512:
508:
501:
498:
491:
487:
484:
482:
479:
477:
474:
472:
469:
468:
464:
459:
455:
451:
447:
444:
440:
436:
432:
428:
424:
421:
418:
415:
411:
408:
404:
400:
397:
393:
389:
385:
381:
377:
373:
369:
366:
362:
359:
355:
352:
348:
344:
340:
336:
332:
329:
325:
322:
318:
315:
311:
308:
305:
302:
299:
295:
294:
290:
288:
285:
280:
276:
274:
270:
264:
260:
258:
253:
249:
241:
239:
235:
233:
229:
224:
222:
217:
213:
206:
203:
200:
199:
198:
192:
190:
188:
182:
180:
166:
151:
149:
145:
141:
136:
134:
130:
126:
122:
118:
110:
108:
106:
102:
98:
94:
90:
86:
85:BGP hijacking
76:
73:
65:
55:
50:
48:
42:
38:
37:
30:
21:
20:
1335:Qrator.Radar
1315:. Retrieved
1313:. 2024-09-06
1305:
1297:Ars Technica
1296:
1286:
1277:
1268:
1256:. Retrieved
1246:
1234:. Retrieved
1224:
1214:14 September
1212:. Retrieved
1202:
1192:14 September
1190:. Retrieved
1181:
1169:. Retrieved
1163:
1154:
1142:. Retrieved
1133:
1121:. Retrieved
1111:
1099:. Retrieved
1090:
1078:. Retrieved
1068:
1056:. Retrieved
1046:
1034:. Retrieved
1031:Qrator.Radar
1030:
1021:
1009:. Retrieved
1005:
996:
985:. Retrieved
981:
972:
961:. Retrieved
956:
947:
936:. Retrieved
932:
922:
911:. Retrieved
909:. 2014-08-07
906:
897:
886:. Retrieved
882:
873:
862:. Retrieved
858:the original
853:
843:
832:. Retrieved
828:the original
823:
814:
803:. Retrieved
799:the original
789:
778:. Retrieved
774:the original
769:
760:
749:. Retrieved
745:
732:
721:. Retrieved
717:the original
707:
696:. Retrieved
692:the original
682:
671:. Retrieved
669:. 2008-02-26
657:
645:. Retrieved
635:
624:. Retrieved
620:
610:
599:. Retrieved
595:
585:
574:. Retrieved
570:
560:
549:. Retrieved
545:
532:
521:. Retrieved
517:
500:
441:March 2022:
351:Aruba S.p.A.
346:
345:IPv4 prefix
335:Hacking Team
281:
277:
265:
261:
245:
236:
225:
218:
214:
210:
196:
183:
168:
154:
152:
137:
114:
97:IP hijacking
96:
92:
88:
84:
83:
68:
59:
52:Please help
44:
33:
1101:13 November
1036:13 December
1011:14 December
957:noction.com
824:Renesys.com
770:Renesys.com
643:. June 2016
434:Cloudflare.
56:if you can.
1382:Categories
1341:BGPmon.net
1317:2024-09-08
987:2017-10-17
982:bgpmon.net
963:2018-08-11
938:2017-01-09
913:2016-11-07
888:2017-10-17
883:bgpmon.net
864:2019-04-15
854:BGPmon.net
834:2016-11-07
805:2008-03-31
780:2016-11-07
751:2016-11-07
723:2008-02-26
698:2008-02-26
673:2016-11-07
626:2018-04-25
601:2018-04-25
596:Bishop Fox
576:2018-04-24
551:2018-04-24
523:2018-04-24
492:References
396:Riot Games
365:Rostelecom
284:anycasting
117:IP address
111:Background
933:The Verge
907:Wired.com
546:Black Hat
384:Microsoft
246:Like the
193:Mechanism
171:192.0.2.0
157:192.0.2.0
62:June 2019
1360:NetViews
1350:Archived
1058:24 April
667:BBC News
465:See also
380:Facebook
228:spamming
187:sessions
148:AT&T
125:prefixes
101:Internet
34:require
1393:Routing
1366:AS-CRED
1347:Cyclops
1171:12 June
1144:12 June
1080:31 July
454:1.1.1.1
357:stolen.
343:Santrex
327:others.
314:YouTube
144:Verizon
135:(BGP).
107:(BGP).
36:cleanup
1258:17 Feb
1236:28 May
1123:31 May
1006:BGPMON
647:27 May
443:RTComm
388:Twitch
372:Google
337:aided
146:, and
140:Sprint
1165:ZDNet
742:(PDF)
621:WIRED
542:(PDF)
514:(PDF)
376:Apple
230:or a
1278:SANS
1260:2022
1238:2021
1216:2021
1194:2021
1173:2019
1146:2019
1125:2019
1103:2018
1082:2018
1060:2018
1038:2017
1013:2017
649:2021
219:The
321:ISP
273:PTA
95:or
1384::
1295:.
1276:.
1162:.
1029:.
1004:.
980:.
955:.
931:.
905:.
881:.
852:.
822:.
768:.
744:.
665:.
619:.
594:.
569:.
544:.
516:.
509:.
394:,
390:,
386:,
382:,
378:,
374:,
259:.
250:,
189:.
181:.
177:24
163:24
142:,
91:,
1320:.
1299:.
1280:.
1262:.
1240:.
1218:.
1196:.
1175:.
1148:.
1127:.
1105:.
1084:.
1062:.
1040:.
1015:.
990:.
966:.
941:.
916:.
891:.
867:.
837:.
808:.
783:.
754:.
726:.
701:.
676:.
651:.
629:.
604:.
579:.
554:.
526:.
416:.
300:"
174:/
160:/
75:)
69:(
64:)
60:(
49:.
Text is available under the Creative Commons Attribution-ShareAlike License. Additional terms may apply.