Major Update of Security Detectors
Our team is pleased to announce the launch of the new engine for detecting route loops. The results have proved to be very interesting. Every day we detect several thousands of BGP dynamic loops and millions of static loops. Many of them affect links between ASes and can be used for amplification in DDoS attacks.
We also updated our MOAS conflict detector: now it shows not only conflicts for equal prefixes but also for more and less specific prefixes.
Next, we added several new types of monitored DDoS amplifiers. Now we are detecting amplification vulnerabilities in 10 various protocols: ICMP, DNS, NTP, SNMP, SSDP, CHARGEN, QOTD, NETBIOS, RIPv1, and PORTMAP.
Finally, we added support for IPv6 routes in our BGP reflector. If you have IPv6 routes, you can send them to us via the existing IPv4 session. It will help Radar to improve the detection of your IPv6 peerings and connectivity, and will be required for some IPv6 tools added in future releases.
A Simple BGP
A Simple BGP is initiative of Radar by Qrator team which aims to simplify the process of BGP configuration and avoid route leaks by adding built-in protection against route leaks in BGP.
Route leak is a network anomaly, when route learned from provider or peer is announced to another provider or peer. The effect of such issues could vary from increased network delays for victim (originator of prefix) to DoS for both victim and leaker. According to our research main reason of these routing issues are mistakes in BGP configuration. You could find more details about proposed BGP extension on our website. We have already implemented this extension as a fork of BIRD routing daemon. You could download it from GitHub under GNU public license. This implementation has full backward compatibility with "classic" BGP, so you are welcome to use it now and be sure that you will have no route leaks inside your network.
We have also finished big inner work with our AS relation model and architecture reconfiguration. The result of these changes should make data accurate and we now are quite near to start providing real time service. The weekly reports will be back at next Monday.
We are waiting for your comments, feedbacks and suggestions! You could also catch us in person during this week at RIPE meeting.