NETSEC SIG
Mission
To foster the deployment of inter-AS network security BCPs, coordinated mitigation, and information sharing.
Objectives:
- To encourage the adoption of inter-AS security Best Current Practices (BCPs)
- To facilitate response coordination of inter-AS BGP routing issues and abuse
- To promote inter-AS DDoS traceback and mitigation
- To encourage inter-AS security incident event sharing
SIG topics and areas of interest:
- Route hijacks and leaks
- DDoS
- Traceback and attack source attribution
- DNS and DNSSEC operational issues
- RPKI, ROV, and other burgeoning routing security technologies
- BCPs, tools, and resources such as those from MANRS.org and PeeringDB.com
- Network operator and researcher networking
Goals & Deliverables
- Compile a set of inter-AS security BCPs and resources for CSIRTs and network security teams
- Deliver regular inter-AS security workshops or tutorials at FIRST events
- Provide a Slack channel and mailing list to facilitate inter-AS security discussions
- Disseminate technical briefs on inter-AS security involving the shared fate of subsystems such as DNS, Routing, Email and others through regular SIG meetings and FIRST blog posts
- Explore extending the FIRST teams directory to publish ASN, MANRS status, and PeeringDB link as applicable
- Promote the SIG to qualified external parties and individuals who are already members of FIRST
Chair
- John Kristoff
- Hendrik Adrian
- Carlos Friacas
- Aaron Kaplan
- Merike Kaeo
Meetings
- Annual meetings to coincide with the FIRST annual conference
- Bi-weekly Zoom meetings initially; the frequency can be reduced later
Glossary
- AS - Autonomous System
- BCP - Best Current Practice
- BGP - Border Gateway Protocol
- DDoS - Distributed Denial of Service
- MANRS - Mutually Agreed Norms for Routing Security
Additional considerations
Intended audience
- inter-AS router and network operators
- inter-AS DNS service providers
- inter-AS security researchers
- CSIRT inter-AS security members
Participation Requirements
- This is an individual-only approved SIG; no teams or aliases
- Individuals should be able to prove they possess sufficient inter-AS security responsibility
- Individual email addresses must remain active and be periodically tested
Roadmap
- Phase 1 - Group formation
- Phase 2 - inter-AS security documentation and resource compilation
- Phase 3 - Expand operational capacity and services
Request to Join