Routing security can be a difficult topic to explain. It’s technical. It’s filled with industry jargon and acronyms. It’s, well, nerdy. But routing security is vital to a stable and secure future Internet, and we here at the Internet Society have been supporting the Mutually Agreed Norms for Routing Security (MANRS) initiative for several years now. To help explain, at a very high level, some of the major routing security issues and how MANRS can help address them, we’re pleased to announce a new explanatory video.
Available with English, French, and Spanish subtitles, this short new video explains three major incidents that can lead to things like denial of service attacks, surveillance, and lost revenue:
- Route Hijacking – when one network operator or attacker impersonates another
- Route Leak – when a network operator unintentionally announces that it has a route to a destination
- IP Address Spoofing – when fake source IP addresses hide a sender’s identity
Network operators of all sizes have a role to play in securing the Internet’s routing infrastructure. By implementing the four simple MANRS Actions, together we can make significant improvements to reduce the most common routing threats. Those four actions are:
- Filtering – making sure your and your customers’ routing announcements are correct
- Anti-spoofing – enabling source address validation to prevent spoofed packets from entering or leaving your network
- Coordination – maintaining globally accessible contact information in common places such as the PeeringDB, RIR whois databases, and your own website.
- Global Validation – publishing your data, including your routing policy and prefixes you intend to advertise, so your routing information can be validated by third parties.
Your security depends on others, and your actions affect the security of others. By implementing these four simple, non-disruptive MANRS actions, together we can protect the core.