In this talk, we take a look at where we are as a community with regard to BGP security. The session will walk through the history of the technology, techniques used, realistic risk assessments, and proposals in the queue for a BGP environment that is more resistant to attack (IETF's RPSEC, SBGP, and soBGP).

The presentation is based on a paper (PDF) titled "BGP Risk Assessment" (updated 4/20/04) which was created for the operations community and submitted to the US National Security Council ISP BGP & DNS Working Group. (See related slides from Avi Freedman's NANOG 25 talk.)

Note: on 4/20/04 the materials in this presentation were updated based on http://www.uniras.gov.uk/vuls/2004/236929/index.htm.