Mutually Agreed Norms for Routing Security (MANRS) lets network operators and the public view online router incidents worldwide.
An Internet Society-backed effort to thwart malicious Internet traffic and abuse now tracks routing incidents online via a free tool that also shows how much of its agreed-upon set of routing security and resiliency practices that network providers worldwide have adopted to date.
The Mutually Agreed Norms for Routing Security (MANRS) initiative’s new MANRS Observatory turns up the heat on network providers’ compliance to filtering incorrect or malicious routing information; preventing spoofed source IP addresses; validating routing information; and coordinating among other network operators. MANRS, which launched in 2014, includes members such as Comcast, Google, and Microsoft, with more than 200 network operator members and 35 Internet exchange points. The initiative hopes to quell attacks on the Internet’s routing infrastructure.
There were some 12,000 routing outages or attacks worldwide in 2018, the group says. One particularly painful incident last November misrouted Google’s traffic through China after a Nigerian ISP misconfigured a routing protocol filter. The mistake ultimately took down the Net in several regions and raised privacy concerns.
“Routing security remains a problem,” says Andrei Robachevsky, senior technology program manager at the Internet Society. “Routing is often a target to affect other services” on the Internet, he says.
The MANRS Observatory in part is intended to give members a visual reality-check on where they stand in advancing the security and resiliency of the Internet routing infrastructure, according to Robachevsky. “We need to work at being more transparent and more measurable,” he says. “It [puts] internal pressure on participants so they cannot hide behind state websites” of routing statistics.
Observatory has both a private and public interface, and it aggregates data from a number of third-party sources into a dashboard that helps spot trouble areas for network providers. “The tool allows you to see by region and country for your individual network,” he says, and gives a read on the security of the provider’s routing infrastructure.
Internet security expert Paul Vixie says one hurdle for network providers in adopting routing security practices such as source address validation is that it benefits their competitors. “If you’re investing in making your network cleaner, you will not be the primary beneficiary. Your competitors will be, and that’s often a tough sell.”
He says the MANRS Observatory should help the initiative gain more traction. “MANRS makes it formal what it means to not be ‘that guy'” with the insecure routing infrastructure, says Vixie, founder and CEO of Farsight Security.
Meanwhile, MANRS plans to recruit content delivery network providers and more equipment vendors, and to continuously evolve and expand Observatory with greater measurement capabilities and other functions.
“We see Observatory as a performance barometer,” Robachevsky says. It can help network providers see routing problems they didn’t know they had in certain regions, for example. “Another thing is social responsibility, the cornerstone of MANRS. Being transparent.”
Kelly Jackson Higgins is Executive Editor at DarkReading.com. She is an award-winning veteran technology and business journalist with more than two decades of experience in reporting and editing for various publications, including Network Computing, Secure Enterprise … View Full Bio
- [LLODO] Michigan state Dem pepper-sprayed, charged with DUI, resisting arrest, weapons possession: report
- [LLODO] Head of NYC’s posh Dalton School leaving at the end of 2021
- [LLODO] Chilling video captures moment a love triangle erupts in murder, revenge in NYC
- [LLODO] NYPD officers hit with Molotov cocktail and liquid chemical in face, police say
- [LLODO] California group files federal civil rights complaint over San Diego school district’s ‘racist’ teachings
- [LLODO] Podcast helped in hunt for 1996 killer of California student
- [LLODO] National weather forecast: Parts of Northeast could see more than a foot of snow
- [LLODO] Cuomo boasts he ‘invented’ NYS-scented hand sanitizer, faces no questions over scandals
- [LLODO] Teacher who decried NYC school’s ‘indoctrination’ put on remote work: ‘Feels like punishment’