14,932
edits
Changes
Jump to navigation
Jump to search
Line 38:
Line 38: + − + + +
→Routing Security
==Routing Security==
==Routing Security==
In June 2022, the [[SSAC]] released SAC121, which provides information on:
In June 2022, the [[SSAC]] released SAC121, which provides information on:
* The Internet’s routing system,
* The Internet’s routing system,
* routing [[cybersecurity|security]] challenges for [[DNS]] infrastructure operators and their implications,
* routing [[cybersecurity|security]] challenges for [[DNS]] infrastructure operators and their implications,
* the role of network operators in securing the Internet's routing system, and
* the role of network operators in securing the Internet's routing system, and
* security extensions of the border gateway protocol.<ref>[https://www.icann.org/en/system/files/files/sac-121-en.pdf SAC121, ICANN Files]</ref>
* security extensions of the border gateway protocol.<br/>
Attackers can inject false routes or information into the routing system. Mistakes can occur through misconfiguration, making it difficult to determine whether a routing incident was intentional or not. Performing [[DNSSEC]] validation on signed domain names can protect against routing hijacks. The RPKI builds upon the earlier work of routing registries by associating digital signatures with some of the information found in Internet routing messages.
[[MANRS]] is one of many security responses to routing issues<ref>[https://www.manrs.org/ MANRS]</ref>; SAC121 is for a much broader audience.<ref>[https://www.icann.org/en/system/files/files/sac-121-en.pdf SAC121, ICANN Files]</ref>
==References==
==References==