Upload
others
View
1
Download
0
Embed Size (px)
Citation preview
An Overview of our Activities
Internet Society in 2018
Raúl Echeberría
Vice President, Global Engagement
22 October 2018
Presentation title – Client name1
Our Mission:
We believe an open, globally-connected, trustworthy, and secure Internet is for everyone.
2
A Campaign Approach to 2018
3
Community Networks
Internet Governance
IoT MANRS
Community Networks
4
Help us connect the unconnected. “Take action to switch on the Internet, community by community.”
The Goal:
We want policy and decision makers to adopt new and innovative approaches to connect people in remote locations to the Internet.
Community networks is an alternate solution as a means of access
Tusheti Region Georgia
Internet Governance
5
Promote collaborative governance “Strengthening collaborative governance for a sustainable
Internet”
The Goal:
We want to expand and enhance the multistakeholder model by critical governments and intergovernmental organizations world-wide. We want a responsible and sustainable Internet that reflects a diverse and inclusive world.
IoT
6
Make our connected world a safer place. “Trust by design”
The Goal:
We want supplies and manufacturers to adopt security and privacy in their IoT devices to protect the network, users, and critical infrastructure from threats.
Safe and secure IoT puts people first.Back our #SecureIt campaign.
ISOC_IoT_A1_Poster01.indd 1 22/08/2018 19:11
MANRS
7
Strengthen the global routing system “Mutually Agreed Norms for Routing Security (MANRS)”
The Goal:
We want network operators to adopt our recommended actions to improve the security of the routing system of the Internet.
The Basics: How Routing Works
8
There are ~60,000 networks (Autonomous Systems) across the Internet, each using a unique
Autonomous System Number (ASN) to identify itself to other networks.
Routers use Border Gateway Protocol (BGP) to exchange “reachability information” - networks
they know how to reach.
Routers build a “routing table” and pick the best route when sending a packet, typically based on
the shortest path.
The Honour System: Routing Issues
9
Border Gateway Protocol (BGP) is based entirely on trust between networks
• No built-in validation that updates are legitimate• The chain of trust spans continents• Lack of reliable resource data
Which Leads To …
Routing Incidents Cause Real World Problems
11
Event Explanation Repercussions Example
Prefix/Route Hijacking
A network operator or attacker impersonates another network operator, pretending that a server or network is their client.
Packets are forwarded to the wrong place, and can cause Denial of Service (DoS) attacks or traffic interception.
The 2008 YouTube hijack
Route Leak A network operator with multiple upstream providers (often due to accidental misconfiguration) announces to one upstream provider that is has a route to a destination through the other upstream provider.
Can be used for traffic inspection and reconnaissance.
September 2014. VolumeDrive
began announcing to Atrato nearly
all the BGP routes it learned from
Cogent causing disruptions to
traffic in places as far-flung from
the USA as Pakistan and Bulgaria.
IP Address Spoofing
Someone creates IP packets with a false source IP address to hide the identity of the sender or to impersonate another computing system.
The root cause of reflection DDoS attacks
March 1, 2018. Memcached
1.3Tb/s reflection-
amplificationattack reported by
Akamai
12
The Solution: Mutually Agreed Norms for Routing Security (MANRS) Provides crucial fixes to eliminate the most common routing threats
13
Mutually Agreed Norms for Routing Security
MANRS defines four simple but concrete actions that network operators must implement to dramatically improve Internet security and reliability.• The first two operational improvements eliminate the root causes of common routing issues and
attacks, while the second two procedural steps improve mitigation and decrease the likelihood of future incidents.
CoordinationFacilitate global
operational communication and
coordination between network operators
Maintain globally accessible up-to-date contact
information in common routing databases
Anti-spoofingPrevent traffic with spoofed source IP
addresses
Enable source address validation for at least single-
homed stub customer networks, their own end-users, and infrastructure
MANRS Actions
FilteringPrevent propagation of
incorrect routing information
Ensure the correctness of your own announcements and announcements from
your customers to adjacent networks with prefix and AS-
path granularity
Global ValidationFacilitate validation of
routing information on a global scale
Publish your data, so others can validate
14
15
The IXP ProgrammeLaunched April 23, 2018
IXPs and Interconnection.
16
Primary role
• Keep local Internet traffic within local infrastructure and reduce costs associated with traffic exchange between networks.
• Improve the quality of Internet services and drive demand by reducing delay and improving end-user experience.
• Create a convenient hub for attracting key Internet infrastructures within countries.
• Act as a catalyst for overall Internet development including commercial, governmental and academic stakeholders.
Collective responsibility
Reaping the benefits of ICT is dependent on reducing Internet connectivity and bandwidth costs, improving infrastructure, and improving quality of service to all Internet users.
The responsibility now rests on ISPs, governments, businesses, and consumers. Collectively we must press for faster roll out of the ICT infrastructure and services that are foundational to our dreams of building a Caribbean
internetsociety.org@internetsociety
Thank you.
Galerie Jean-Malbuisson 15 CH-1204 GenevaSwitzerland+41 22 807 1444
11710 Plaza America DriveSuite 400Reston, VA 20190 USA +1 703 439 2120
17
.internetsociety.org@internetsociety
Get involved.
Galerie Jean-Malbuisson 15 CH-1204 GenevaSwitzerland+41 22 807 1444
11710 Plaza America DriveSuite 400Reston, VA 20190 USA +1 703 439 2120
There are many ways to support the Internet. Find out today how you can make an impact.
18
internetsociety.org@internetsociety
Involúcrate.
Galerie Jean-Malbuisson 15 CH-1204 GenevaSwitzerland+41 22 807 1444
11710 Plaza America DriveSuite 400Reston, VA 20190 USA +1 703 439 2120
19