1) So this happened to one of the largest social and internet networks in the world. Let me walk you through citing @DougMadory and his analysis at krebsonsecurity.com/2021/10/what-h…, why it will happen again and what we think the future is
2) "at approximately 11:39 a.m. ET today (15:39 UTC), someone at Facebook caused an update to be made to the company’s Border Gateway Protocol (BGP) records"
3) if true, a misconfiguration of BGP routes was pushed by an engineer hiding Facebook from the world and locking employees out of their own network requiring hardware intervention.
4) BGP tells the world where to find Facebook, when you try to reach facebook.com. Facebook was gone.
5) BGP hijacks are common, misconfigurations even more so. There is no safety mechanism to prevent internet network participant to spread the misconfigurations propagating to virtually all internet devices within minutes.
6) Managing large complex networks using BGP is a task to be avoided. Very few experts can do it properly, mistakes are often and the cost is often instantaneously global.
7) @Syntropynet philosophy is managing networks in a programmable way between your applications, not data centres or even whole regions
8) Treat internet as Zero-Trust network, leave BGP to find network participants not to manage routing and network configurations. Especially smaller and application data pipes.
9) Have immutable ledger, auditable Role Based Access Controls and smart contracts to manage the network in a precise application-to-application manner and multi-sig control. No more single point of failure fat finger errors affecting billions of people in minutes.
10) Have virtual private network for each application and surgical VPN tunnels between your services and employee machines. Mitigate risk of BGP mishab affecting internal operations and infrastructure. It's akin to locking yourself out of the house, looking for a window to climb.
11) Route around a BGP route congestion or misconfiguration by finding a working internet path for each application data stream, if the problem is not related to disappearing from DNS records.
12) @SyntropyStack has already prevented outages for existing clients when one or few of #DARP paths were not affected by a network failure between data centres or regions. The client had no other way to control the outage as it was happening outside their infrastructure.
13) @SyntropyStack is purpose built to manage, monitor and troubleshoot your network easily and securely. And troubleshooting BGP is something no one wants to do. Ever. Bring on #web3, $noia and new way of building apps. 
• • •
Missing some Tweet in this thread? You can try to
force a refresh
