An Internet Society-backed effort to thwart malicious Internet traffic and abuse now tracks routing incidents online via a free tool that also shows how much of its agreed-upon set of routing security and resiliency practices that network providers worldwide have adopted to date.
The Mutually Agreed Norms for Routing Security (MANRS) initiative's new MANRS Observatory turns up the heat on network providers' compliance to filtering incorrect or malicious routing information; preventing spoofed source IP addresses; validating routing information; and coordinating among other network operators. MANRS, which launched in 2014, includes members such as Comcast, Google, and Microsoft, with more than 200 network operator members and 35 Internet exchange points. The initiative hopes to quell attacks on the Internet's routing infrastructure.
There were some 12,000 routing outages or attacks worldwide in 2018, the group says. One particularly painful incident last November misrouted Google's traffic through China after a Nigerian ISP misconfigured a routing protocol filter. The mistake ultimately took down the Net in several regions and raised privacy concerns.
"Routing security remains a problem," says Andrei Robachevsky, senior technology program manager at the Internet Society. "Routing is often a target to affect other services" on the Internet, he says.
The MANRS Observatory in part is intended to give members a visual reality-check on where they stand in advancing the security and resiliency of the Internet routing infrastructure, according to Robachevsky. "We need to work at being more transparent and more measurable," he says. "It [puts] internal pressure on participants so they cannot hide behind state websites" of routing statistics.
Observatory has both a private and public interface, and it aggregates data from a number of third-party sources into a dashboard that helps spot trouble areas for network providers. "The tool allows you to see by region and country for your individual network," he says, and gives a read on the security of the provider's routing infrastructure.
Internet security expert Paul Vixie says one hurdle for network providers in adopting routing security practices such as source address validation is that it benefits their competitors. "If you're investing in making your network cleaner, you will not be the primary beneficiary. Your competitors will be, and that's often a tough sell."
He says the MANRS Observatory should help the initiative gain more traction. "MANRS makes it formal what it means to not be 'that guy'" with the insecure routing infrastructure, says Vixie, founder and CEO of Farsight Security.
Meanwhile, MANRS plans to recruit content delivery network providers and more equipment vendors, and to continuously evolve and expand Observatory with greater measurement capabilities and other functions.
"We see Observatory as a performance barometer," Robachevsky says. It can help network providers see routing problems they didn't know they had in certain regions, for example. "Another thing is social responsibility, the cornerstone of MANRS. Being transparent."