Contact us
  • November 17th, 2017


    On November 7, 2017, a bunch of blogs wrote about a route leak created by Level3 that affected a significant amount of users. Route leaks happen all the time, and we persistently monitor them all around the world. Except for the mentioned one, which was not detected by our system. So, for Qrator.Radar team it was vital to get into details of this particular incident and understand why our detectors missed this one. We decided to look into it, but this incident analysis took us some time. However, here's the result.

    Check if your IP, AS or Domain was affected:  

  • November 2nd, 2017

    Full Path Incidents & Bogons

    Qrator Labs Radar team is proud to announce the significant change in detection of routing incidents. Previously we were able to give information only about ‘abnormal’ subpath, due to limits of our previous model representation. We put a lot of effort to design and deploy our new model that is capable of processing hundreds of full view BGP sessions in real time which includes compressing data, analyzing compressed representation and full AS_PATH reconstruction for detected incidents. This change substantially increased our opportunities to detect accepted route leaks. Also, with this new functionality, we decided to add in our security section information about bogon routes.


  • October 17th, 2017

    Global consequence of the specific bug in a Quagga routing engine

    Two weeks ago Qrator Radar team encountered an intricate network incident, which clarification resulted in an internal investigation/research, victims and perpetrators search and attempts to remedy the situation. On September 30, 2017, our team drew attention to an unusually large number of flashing BGP sessions.

    Check if your IP, AS or Domain was affected:  

  • September 28th, 2017

    Local Leak with Global Effects

    On Wednesday, September 27, at 13:28 UTC AS9299, belonging to the largest ISP at the Philippines - Philippine Long Distance Telephone Company (PLDT), leaked prefixes between several Tier-1 operators (TATA, Cogent, Telecom Italia, PCCW) and AS1273, owned by Vodafone Europe. As a result traffic from more than 2000 prefixes in USA, India, and Philippines was redirected to Asia region.

    Check if your IP, AS or Domain was affected:  

  • September 22nd, 2017

    When Bank Plays in IP-transit Games

    On September 22 at UTC 8:00 AS51136, belonging to the HomeCredit Bank, leaked more than 55 000 prefixes between two huge ISPs Transtelecom (AS20485) and Vimpelcom (AS3216).

    Most of the affected prefixes are originated by ISPs from United States, China, Brazil, Japan, Mexico, Canada and Russia. This anomaly ended only at 10:22, making this route leak enduring for more than 2 hours.

    Check if your IP, AS or Domain was affected:  

  • September 8th, 2017

    Massive Vodafone India route leak

    On September 5 the year 2017, at 15:03 UTC AS55410, owned by Vodafone India leaked more than 10 000 prefixes in the direction of AS1273, belonging to the parent Vodafone holding headquartered at Newbury, United Kingdom. This leak further spread to the outer world, including most Tier-1 ISPs.

    Three big Indian ISPs suffered directly: (ASNs: 4755, 18101 and 9498), increasing latency in their networks. More than 400 operators within South Asia region were affected collaterally. The active phase of this incident lasted for 5 minutes, with a total leak duration of 25 minutes.

    Check if your IP, AS or Domain was affected:  

  • July 11th, 2017

    Reliability of National Internet Segments

    The connectivity of Internet at the network layer is a result of interaction between autonomous systems (AS), and it is more stable the more alternatives routes between ASNs there exist, which is basic fault tolerance principle. This research shows how outage of single, though significant AS affects the global connectivity of the region.


  • May 10th, 2017

    BGP Open Ports

    Qrator Radar team is pleased to announce a new feature of our network scanner: we begin to detect hosts with vulnerable ports in your network. At this moment we are detecting open TCP ports of BGP network protocol. This protocol is often used by network devices (especially border routers), and generally access to these devices should be restricted using ACL. If such port is open for everyone, it is a serious vulnerability which can be used by attacker to cause denial of service of the network device, which can in turn cause outage of whole networks.

    To check your networks for vulnerable hosts, please visit the \"Vulnerable Ports\" page on our website.


  • April 6th, 2017

    New Client Portal and Qrator Initiatives

    For a long time, we have been working on the improvement of the UI. Today, we are pleased to announce our first step – the client portal has been totally redone. We hope you will notice that the reports are much more useful and the configuration process is easier now. We are also launching Initiatives website where we are going to share our ideas on changing the Internet to the better. As for now two initiatives are described – route leak mitigation and ASN union. You are welcome to subscribe, comment and share your ideas!


  • October 24th, 2016

    Global Looking Glass aka Realtime Graph

    Our team is pleased to announce the launch of the completely new BGP graph. Compared to the previous version, it has a number of significant improvements and new features. First and most important, the new graph shows BGP announces at the current moment, and all changes are now updated in real time. We worked much on design and readability in order to present even complicated situations as simple as possible. You can now explicitly specify the list of autonomous systems for which you are interested in chosen BGP paths. So now you can use Radar graph as global looking glass. Please check all the new features by choosing "Graph" item in the left-side menu. You could also improve the quality of our data by establishing BGP multihop session with our reflector.


  • February 8th, 2016

    Major Update of Security Detectors

    Our team is pleased to announce the launch of the new engine for detecting route loops. The results have proved to be very interesting. Every day we detect several thousands of BGP dynamic loops and millions of static loops. Many of them affect links between ASes and can be used for amplification in DDoS attacks. We also updated our MOAS conflict detector: now it shows not only conflicts for equal prefixes but also for more and less specific prefixes. Next, we added several new types of monitored DDoS amplifiers. Now we are detecting amplification vulnerabilities in 10 various protocols: ICMP, DNS, NTP, SNMP, SSDP, CHARGEN, QOTD, NETBIOS, RIPv1, and PORTMAP. Finally, we added support for IPv6 routes in our BGP reflector. If you have IPv6 routes, you can send them to us via the existing IPv4 session. It will help Radar to improve the detection of your IPv6 peerings and connectivity, and will be required for some IPv6 tools added in future releases.


  • November 17th, 2015

    A Simple BGP

    A Simple BGP is initiative of Radar by Qrator team which aims to simplify the process of BGP configuration and avoid route leaks by adding built in protection against route leaks in BGP. Route leak is a network anomaly, when route learned from provider or peer is announced to another provider or peer.  The effect of such issues could vary from increased network delays for victim (originator of prefix) to DoS for both victim and leaker. According to our research main reason of these routing issues are mistakes in BGP configuration. You could find more details about proposed BGP extension on our website. We have already implemented this extension as a fork of BIRD routing daemon. You could download it from GitHub under GNU public license. This implementation have full backward compatibility with \"classic\" BGP, so you are welcome to use it now and be sure that you will have no route leaks inside your network. We have also finished big inner work with our AS relation model and architecture reconfiguration. The result of these changes should make data accurate and we now are quite near to start providing real time service. The weekly reports will be back at next Monday. We are waiting for your comments, feedbacks and suggestions! You could also catch us in person during this week at RIPE meeting.


  • June 10th, 2015

    IPv6, MOAS conflicts and lots of other things

    Qrator Radar team is pleased to announce the launch of a number of new mechanisms. First of all we finally added support for IPv6. Now we've got three major blocks: IPv4 connectivity, IPv6 connectivity and Security Issues combining the data for both IPv4 and IPv6. The next thing to notice is that the detection of Multiple Origin AS (MOAS) was added. The same as in case of Route Leaks, we are not trying to determine the reason for such network anomaly -- it's just the detection of its presence. We also implemented DNS resolve for domain names, which means that now you only need to enter the domain name in the search field. Security Issues for domain names are coming soon. And the last feature in this release: reports. You now have an opportunity to subscribe for aggregated weekly or monthly reviews of your AS. These reports cover both connectivity and security issues.


  • May 5th, 2015

    New Design with new Functionality

    Our team is pleased to announce the launch of a fully new version of our portal. We've been working hard to improve UI interfaces and the quality of the data in our AS Relation model. In this release we also launch an open beta of our new tool – Global Reverse Looking Glass. With its help you can now determine the path(s) to your prefix which the target AS will choose according to the determined prepend policy. To access this tool you only need to establish a BGP multihop session with our reflector.


  • February 3rd, 2015

    Detecting hidden relationships

    The Radar by Qrator team is glad to announce the launch of the new model of inter-AS relations and priority determination which is expected to significantly improve the quality of our data. This new model gave us a number of additional opportunities. For example, we are now able to correctly distinguish paid and free peering relationships. On the base of the updated model we are going to add new functionality on our portal in the near future. The first one from this set of tools will be the global Reverse Looking Glass.


  • May 23rd, 2014

    Route Leak Monitor

    Qrator Radar team is pleased to announce launch of our Route Leak Monitor. Routing leaks could occur due to accidental mistakes or with help of comprised routers. But in all cases these routing incidents are undetectable from origin AS and often unnoticed by "leaker" AS. The typical result of route leaks is increase of delays or traffic loss due to bandwidth exhaustion. We provide detailed information about route leaks for both parties: for "leakers" and "victims" AS.


  • April 22nd, 2014

    Improvements in DDoS amplifiers monitoring module

    Qrator Radar team is pleased to announce several significant improvements in our DDoS amplifiers monitoring module. We have extended the number of supported protocols commonly used for amplification attacks, and we are planning to add the support of other important protocols in the near future. In addition to DNS and ICMP, we are now detecting vulnerable NTP and SNMP servers. Furthermore, we are now monitoring DDoS amplifiers on the entire IPv4 address space, so we are able to detect almost all amplifiers of the specified types in the particular Autonomous System.


  • November 28th, 2013

    New Features with New Design

    Qrator Radar team is pleased to announce the launch of updated user interface. We’ve tried to improve the usability by adding infographics for AS Relations and Security Data. We also added several features such as full text search for all kinds of data, customer core rating, botnet activity in AS and aggregated security monitor for faster analysis.


  • September 2nd, 2013

    New time machine functionality: detailed history for AS Relations

    Qrator Radar team is pleased to announce launch of new detailed history feature. Today it covers changes in "customer to provider" and "peer to peer" relations for each Autonomous System.


Contact us

Thank you for feedback!

We will contact you by provided email address.