

BGP and the System of Trust That Runs the Internet, Part 2 - philip1209
https://blog.opendns.com/2015/06/25/bgp-and-the-system-of-trust-that-runs-the-internet-pt-2/

======
nullrouted
Okay great article but....you don't have to deal with the everyday
routing/peering that Level3 has to do (which is massive). It is always easy to
come in and say "well you should have done this better" without understanding
the business, politics or the processes in place. This is one of the things
that annoy me about security "professionals" these days, it is really easy to
point out what is wrong but in reality it is hard to fix those issues.

For this case sometimes ISPs choose to trust other ISPs and their processes.
Rather than create duplication of effort/work they say "hey we know you are
good and you have the processes in place" which is sort of what the internet
was built on. So Level3 trusted this ISP to filter their routes and they
didn't, lesson learned. Not everything needs to go through duplicate work/100
checks and balances before it gets done. Yes there are minimum things Level3
could have done better but seriously you don't know the situation, the
politics or the process. Good article without context.

