In this paper we consider the problem of reducing the vulnerability of
BGP in the face of misconfigurations and malicious attacks. To
address this problem we propose two techniques: Listen and
Whisper. Used together these techniques can detect and contain invalid
routes propagated by isolated adversaries, and a large number of
problems due to misconfigurations. To demonstrate the utility of
Listen and Whisper, we use a combination of real world deployment and
empirical analysis. In particular, we show that Listen can detect
unreachable prefixes with a low probability of false negatives, and
that Whisper can limit the percentage of nodes affected by a randomly
placed isolated adversary to less than . Finally, we show that
both Listen and Whisper are easy to implement and deploy. Listen is
incrementally deployable and does not require any changes to BGP,
while Whisper can be integrated with BGP without changing the packet
format.