Re: [AusNOG] google potential route hijacked.

2018-11-12 Thread Dobbins, Roland
On 13 Nov 2018, at 13:50, Paul Wilkins wrote: > If RPKI only had the same chain of trust for in-addr.arpa as the rest > of DNS does back to iana. Strong route origin policies via RPKI, plus draft-azimov-sidrops-aspa-verification-01 & draft-ietf-grow-rpki-as-cones-00 are ultimately the way

Re: [AusNOG] google potential route hijacked.

2018-11-12 Thread Paul Wilkins
What I think's interesting is that route filters are still the go to for BGP authentication. Nobody steals DNS to the degree of BGP, because DNS has solid PKI authentication. If RPKI only had the same chain of trust for in-addr.arpa as the rest of DNS does back to iana. Kind regards Paul

Re: [AusNOG] Telstra Broadband Protect

2018-11-12 Thread Jamie Le
Hi team, Does anyone have a contact at Telstra who managed their Broadband Protect product? We've had some major issues recently with getting a domain removed. Thanks Jamie___ AusNOG mailing list AusNOG@lists.ausnog.net

Re: [AusNOG] google potential route hijacked.

2018-11-12 Thread Dobbins, Roland
On 13 Nov 2018, at 11:53, Binh Lam wrote: > just to whom who provided critical infrastructures (ie, email, DNS > hosting, cloud providers, > online banking sites subnets, high profile sensitive online sites , > etc..) This is both untenable and undesirable. Nor is Internet nor 'critical

Re: [AusNOG] google potential route hijacked.

2018-11-12 Thread Binh Lam
On Tue, Nov 13, 2018 at 3:34 PM Aftab Siddiqui wrote: > Hi Binh, > Thanks for sharing this. The most likely issue is NO prefix filtering at > China Telecom end. Mainone (AS37282) leaked probably everything they > learned from IXPN (Lagos IXP) Route Server to its direct peer AS4809 (China >

Re: [AusNOG] google potential route hijacked.

2018-11-12 Thread Aftab Siddiqui
Hi Binh, Thanks for sharing this. The most likely issue is NO prefix filtering at China Telecom end. Mainone (AS37282) leaked probably everything they learned from IXPN (Lagos IXP) Route Server to its direct peer AS4809 (China Telecom). I have presented the status of BOGON announcements, Prefix

[AusNOG] google potential route hijacked.

2018-11-12 Thread Binh Lam
Dear AusNOG.. The latest News about route hijacked, again raises the concerns about potential route hijacked, it can happen anytime to anyone.. https://www.itnews.com.au/news/route-leak-sends-google-cloud-traffic-to-russia-515489 how to prevent it? looking at the prefix was hijacked... whois

Re: [AusNOG] Assistance and Access Bill moves to PJCIS

2018-11-12 Thread Paul Wilkins
Communications Alliance submission makes the point both s313 and s280 (1)(b) of the Telecommunications Act 1997 are current extensively used to access metadata. It follows that under the new bill, about a