TaBi is a framework that ease the detection of BGP IP prefixes conflicts, and their classification into BGP hijacking events. The term prefix hijacking refers to an event when an AS, called an hijacking AS, advertises illegitimately a prefix equal or more specific to a prefix delegated to another AS, called the hijacked AS.
tabi v1.0.2
Usually, TaBi processes BGP messages that are archived in MRT files. Then, in order to use it, you will then need to install a MRT parser. Its favorite companion is MaBo, but it is also compatible with CAIDA’s bgpreader. Internally, TaBi translates BGP messages into its own representation. Therefore, its is possible to implement new inputs depending on your needs.
Usage and install from source:
git clone https://github.com/ANSSI-FR/tabi && cd tabi virtualenv ve_tabi source ve_tabi/bin/activate pip install py-radix python-dateutil python setup.py install wget -c http://data.ris.ripe.net/rrc01/2016.01/bview.20160101.0000.gz wget -c http://data.ris.ripe.net/rrc01/2016.01/updates.20160101.0000.gz tabi -h tabi -j 8 rrc01 results/ bview.20160101.0000.gz updates.20160101.0000.gz
Source: https://github.com/ANSSI-FR