Hi,
this is my first post in this list - my perspective is that of a
security guy with little knowledge about BGP or the inner workings of
RIPE, but very interested in everything that helps defending against the
bad guys.
On 2019-09-05 at 15:23, Marco Schmidt wrote:
> The goal of this proposal is to define that BGP hijacking is not
> accepted as normal practice within the RIPE NCC service region.
Firstly, thanks everyone involved for the effort in setting up this
policy proposal. I like many points, e.g. that it makes clear that
accidental events shall not be reprimanded. Others might deserve being
rephrased, e.g. CSIRTs being entitled to file reports.
On the other hand, I had a hard time trying to determine the positive
impact of the proposed policy.
On the formal side, to define that hijacking is a violation of policy
without specifying which policy is violated gives me a mental blue
screen. As far as I know, please correct me if I'm wrong, there is no
policy in RIPE that proscribes hijacking, and neither would 2019-03 do that.
This makes sense to me, as (again, correct me if I'm wrong) RIPE isn't
involved in routing operations - but that's where hijacking attacks take
place.
Should RIPE kick out the evil LIRs? Maybe, but the proposed policy
doesn't do that. The opposite holds true: "RIPE-716) may apply." and
"This policy does not endorse the initiation of an LIR closure procedure
on the basis of a single policy violation." No mention what happens
after multiple (how many? depending on LIR size? ...) violations.
I failed to find any way how implementing this proposal would improve
security. I've also tried to save the proposal's impetus by coming up
with realistic and effective suggestions - but failed as well.
For now, my conclusion is that this isn't the way to go.
Cheers,
Alexander
--
Alexander Talos-Zens
IT-Security - ACOnet-CERT
Zentraler Informatikdienst
http://zid.univie.ac.at
Universität Wien
Universitätsstraße 7
1010 Wien
T +43-1-4277-14351
a...@univie.ac.at
GPG-Key-Id: 0x757A494B