On Feb 27, 2008, at 2:09 AM, Adrian Chadd wrote:
(speaking as someone who has built large ACLs/prefix-lists and has
6MB+ configs that can't be loaded on my routers. without vendor
support
those that want to do the right thing can't, so the game is lost).
I remember the days of making rt
On Mon, Feb 25, 2008, Alex Pilosov wrote:
>
> A bit of administrativia:
>
> This thread generated over a hundred posts, many without operational
> relevance or by people who do not understand how operators, well, operate,
> or by people who really don't have any idea what's going on but feel l
Paul Ferguson wrote:
> I'm still convinced that the NANOG community -- perhaps in
> collaboration with RIPE and APNIC, et al -- should work to
> craft ISP "best current practices" in these areas, since ISPs
> don't seem to heed IETF documents, except when it serves their
> own business & operation
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- -- "Christopher Morrow" <[EMAIL PROTECTED]> wrote:
>> Well... If you want to work on one, I'm willing help shepherd it
>> through
>> the process. We even have a working group setup for that purpose.
>
>proposal for work in GROW?
Actually, that
On Tue, Feb 26, 2008 at 7:17 PM, Joel Jaeggli <[EMAIL PROTECTED]> wrote:
>
> John Payne wrote:
> >
> > On Feb 25, 2008, at 1:22 AM, Christopher Morrow wrote:
> >
> >> except that even the 'good guys' make mistakes. Belt + suspenders
> >>
> >> please... is it really that hard for a network se
On Tue, Feb 26, 2008, Jared Mauch wrote:
> > The problem isn't that the router config is too easy Jared, its that
> > there's no nice and easy way of doing it right from scratch that matches
> > the sort of newbie network operators that exist today. For examples
> The problem is that some
On Wed, Feb 27, 2008 at 10:09:19AM +0900, Adrian Chadd wrote:
> > (speaking as someone who has built large ACLs/prefix-lists and has
> > 6MB+ configs that can't be loaded on my routers. without vendor support
> > those that want to do the right thing can't, so the game is lost).
>
> Getting Cisc
On 27/02/2008, at 11:39 AM, Adrian Chadd wrote:
(speaking as someone who has built large ACLs/prefix-lists and has
6MB+ configs that can't be loaded on my routers. without vendor
support
those that want to do the right thing can't, so the game is lost).
I remember the days of making rt
> (speaking as someone who has built large ACLs/prefix-lists and has
> 6MB+ configs that can't be loaded on my routers. without vendor support
> those that want to do the right thing can't, so the game is lost).
I remember the days of making rtconfig work properly in various
situations (heck, d
John Payne wrote:
On Feb 25, 2008, at 1:22 AM, Christopher Morrow wrote:
except that even the 'good guys' make mistakes. Belt + suspenders
please... is it really that hard for a network service provider to
have a prefix-list on their customer bgp sessions?? L3 does it, ATT
does it, Sprint
On Feb 25, 2008, at 1:22 AM, Christopher Morrow wrote:
except that even the 'good guys' make mistakes. Belt + suspenders
please... is it really that hard for a network service provider to
have a prefix-list on their customer bgp sessions?? L3 does it, ATT
does it, Sprint does it, as do UUNET/vz
for a list filled with network operators and engineers, the lot of you
are quick to whip out lawyers and courts and international tribunals.
perhaps I missed the message, but has anyone mentioned the direct
economic impact of SFI? as a responsible network operator, would you
peer with a network th
> Since the US has no jurisdiction over 17557, other than for the US govt.
> to force ISPs to refuse to accept any advertisements with 17557 or any
> other AS that didn't meet some regulatory requirements in the path, how
> would you propose that the regulatory environment you envision work?
I do
MAIL PROTECTED] On
> Behalf Of Dave Pooser
> Sent: Tuesday, February 26, 2008 10:15 AM
> To: nanog@merit.edu
> Subject: Re: YouTube IP Hijacking
>
>
> > But, due to a lot of effort in making better educational material
> > available for pilots, including better fli
The biggest problem here is that Cisco needs to change
their defaults to require more configuration than
router bgp X
neighbor 1.2.3.4 remote-as A
When that's the bar for the complexity required for setting up BGP,
bad things WILL happen. Period.
Cisco has taken all these year
[EMAIL PROTECTED] wrote:
Haven't you noticed that the definition of "widely visited site"
changes regularly, and often quite abruptly? How much traffic
did YouTube get 3 years ago? Facebook? MySpace? There is no
shortcut for eternal vigilance, i.e. manage your BGP relationships
don't just con
> But, due to a lot of effort in making better educational material
> available for pilots, including better flight simulators and
> better simulator scenarios, flying is a lot safer than it was
> in 1958.
At the risk of being a stereotypical American liberal, I'll point out two
significant reaso
-Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On
> Behalf Of Christopher Morrow
> Sent: Tuesday, February 26, 2008 8:59 AM
> To: hjan
> Cc: nanog@merit.edu
> Subject: Re: [admin] [summary] RE: YouTube IP Hijacking
>
>
> On Tue, Feb 26, 2008
On Tue, Feb 26, 2008 at 10:40 AM, hjan <[EMAIL PROTECTED]> wrote:
> I think that they should use remote triggered blackhole filtering with
> no-export community.
> In this way they do the job with no impact on the rest of internet.
so, certainly this isn't a bad idea, but given as an example:
Alex Pilosov ha scritto:
Facts:
* AS17557 announced more specific /24 to 3491, which propagated to wider
internets
I think that they should use remote triggered blackhole filtering with
no-export community.
In this way they do the job with no impact on the rest of internet.
Regards,
Gi
> > You _need_ a license to drive a car, fly a plane etc. but until now
> > you dont need to show that youre skilled enough to run a border
> > router. Good idea? I dont think so.
>
> My point was that even with a license, accidents still occur.
Even with a licence and testing, airline crashe
Arnd Vehling wrote:
Randy Epstein wrote:
My point was that even with a license, accidents still occur.
My point is that without a license more accidents will occur.
The problem here is a problem causes in a *REMOTE* network, that you, as
a decent engineer, should safeguard against in *YOUR*
of the costs. The vendor primarily trains how to _implement_ a BGP
policy on their equipment and not neccessarily how to develop a good
peering and filter policy.
The "youtube ip hijacking" case _may_ be a result of route
redistribution from an internal routing protocol to BGP without a
Leo Vegoda wrote:
> On 26/02/2008 12:06, "Arnd Vehling" <[EMAIL PROTECTED]> wrote:
>
> [...]
>
>> With a decent LIR DB (like the RIPE DB) this is only possible if an
>> hijacker breaks the authentication of the according database objects
>> which is a pain in the a** _if_ the objects use a prope
Arnd wrote:
> You _need_ a license to drive a car, fly a plane etc. but until now you
> dont need to show that youre skilled enough to run a border router. Good
> idea? I dont think so.
My point was that even with a license, accidents still occur.
> I believe that people who run ASNs should hav
On 26/02/2008 12:06, "Arnd Vehling" <[EMAIL PROTECTED]> wrote:
[...]
> With a decent LIR DB (like the RIPE DB) this is only possible if an
> hijacker breaks the authentication of the according database objects
> which is a pain in the a** _if_ the objects use a proper authentication
> scheme lik
Randy Epstein wrote:
>>> This isn't the answer. If it were, there would be no car accidents, pilot
>>> error caused plane crashes, etc.
>
>> Probably the reason you dont need to have a pilot license...
>
> Sorry, what?
You _need_ a license to drive a car, fly a plane etc. but until now you
don
Stephane Bortzmeyer wrote:
> On Tue, Feb 26, 2008 at 11:43:10AM +0100,
> Arnd Vehling <[EMAIL PROTECTED]> wrote
> a message of 12 lines which said:
>
>> Every ISP requesting an ASN from one of the LIR's should be required
>> to make a test covering the neccessary skillsets.
>
> Giving the rap
>>This isn't the answer. If it were, there would be no car accidents, pilot
>>error caused plane crashes, etc.
> Probably the reason you dont need to have a pilot license...
Sorry, what?
> Dont get me wrong: I not the "Policy this/that" type but i think its a
> good idea to ensure that ppl who
On Tue, Feb 26, 2008 at 11:43:10AM +0100,
Arnd Vehling <[EMAIL PROTECTED]> wrote
a message of 12 lines which said:
> Every ISP requesting an ASN from one of the LIR's should be required
> to make a test covering the neccessary skillsets.
Giving the rapid turnover of people in this industry, I
Alex Pilosov wrote:
> Oh yeah, d'oh! Thanks for correction. But that is also an important point
> against PHAS and IRRPT filtering - they are powerless against truly
> malicious hijacker (one that would register route in IRR, add the
> right origin-as to AS-SET, and use correct origin).
With a de
Martin A Brown writes:
> Late last night, after poring through our data, I posted a detailed
> chronology of the hijack as seen from our many peering sessions. I
> would add to this that the speed of YouTube's response to this
> subprefix hijack impressed me.
For a Sunday afternoon, yes, not bad
Iljitsch van Beijnum writes:
> Well, if they had problems like this in the past, then I wouldn't
> trust them to get it right. Which means that it's probably a good
> idea if EVERYONE starts filtering what they allow in their tables
> from PCCW. Obviously that makes it very hard for PCCW to start
> Now if only everyone here on NANOG were to do what Matsuzaki has done,
> and take the time to educate those less clueless, the world would be a
> better place.
Its time that people responsible for BGP routing need to show that they
have the skills and knowledge for it. Every ISP requesting an
Rick Astley writes:
> Anything more specific than a /24 would get blocked by many filters,
> so some of the "high target" sites may want to announce their
> mission critical IP space as /24 and avoid using prepends.
Good idea. But only the "high target" sites, please. If you're an
unimportant s
Hi,
> In a lot of this dialogue, many say, "you should prefix filter".
> However, I'm not seeing how an ISP could easily adopt such filtering.
>
> Let's consider the options:
[..]
> a) only RIPE IRR uses a sensible security model [1], so if you use
> others, basically anyone can add rout
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- -- Stephane Bortzmeyer <[EMAIL PROTECTED]> wrote:
>No, most operators do filter BGP announcements. I know it, because I
>have read it on Cnet:
>
>http://www.news.com/8301-10784_3-9878655-7.html
>
Dunno -- looks like McCullagh got it pretty much sp
On Mon, Feb 25, 2008 at 09:27:41AM +0200,
Hank Nussbacher <[EMAIL PROTECTED]> wrote
a message of 17 lines which said:
> - Lack of clue
> - Couldn't care less
> - No revenue
>
> Take your pick - or add your own reason. PCCW is not alone. They just
> happen to be the latest in a long line of
On Mon, Feb 25, 2008 at 2:32 AM, Hank Nussbacher <[EMAIL PROTECTED]> wrote:
> "we've been warning that this could happen *again*" - this is happening
> every day - just look to:
> http://cs.unm.edu/~karlinjf/IAR/prefix.php?filter=most
> http://cs.unm.edu/~karlinjf/IAR/subprefix.php?filter=mos
On Mon, Feb 25, 2008, Alex Pilosov wrote:
>
> A bit of administrativia:
>
> This thread generated over a hundred posts, many without operational
> relevance or by people who do not understand how operators, well, operate,
> or by people who really don't have any idea what's going on but feel l
Valdis wrote:
> He explicitly said "single-homed". Of course, multi-homed requires
> different handling, because you may hear their other home announce them
> (although again, you probably shouldn't listen to *THAT* announcement
> either if *your* link to them is up). And I posit that if you do
>Is there some way of deploying a solution like Secure BGP without
>actually requiring that it go into the routers?
The IETF SIDR wg (shameless plug as I'm wg co-chair) is working on
a way to say with strong assurance who holds what prefixes, and
therefore who can authorize the origination of wha
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
> There have been two or three panels on this exact topic in
> the past, you can find them in the index of talks.
> Unfortunately, the problem hasn't changed at all. Perhaps we
> could just replay those video streams :-)
My $.02 - http://www
On Mon, 25 Feb 2008 15:29:01 EST, Randy Epstein said:
> > Our own or our singlehomed customers' address space -- we would reject
^^^
> > such an advertisement. The same inbound consistency check applies to
> > peers and upstreams/transits.
> What do you do when one of y
I'd hear to see who does it, and get them to present the "operational
lessons" at the next nanog!
On second thought, I guess one thing has changed considerably
since 15 years ago. Rather than ~5000 monkeys with keyboard
access to manipulate global routing tables, there are likely well
North o
On Feb 25, 2008, at 1:22 PM, Alex Pilosov wrote:
Well, in this case, they *aren't* filtering! (unless I am
misunderstanding
what you are saying, due to repeated use of 'their').
What I'm saying is that best case today ISPs police routes
advertised by their customers, yet they accept routes
> Our own or our singlehomed customers' address space -- we would reject
> such an advertisement. The same inbound consistency check applies to
> peers and upstreams/transits.
>
> If it's someone else's or a more specific or the same prefix as our
> multihomed customers -- we accept it. The
On Mon, 25 Feb 2008, Danny McPherson wrote:
> > ** Paul Wall brought up the fact that even obviously bogus routes (1/8
> > and 100/7) were accepted by 99% of internet during an experiment.
>
> I'm not sure why this would surprise anyone.
To me and you, it's not surprising. To public, it might be
On Feb 25, 2008, at 12:51 PM, Alex Pilosov wrote:
** Nobody brought up the important point - the BGP announcement
filtering
are only as secure as the weakest link. No [few?] peers or transits
are
filtering "large" ISPs (ones announcing few hundred routes and up).
There
are a great many of
A bit of administrativia:
This thread generated over a hundred posts, many without operational
relevance or by people who do not understand how operators, well, operate,
or by people who really don't have any idea what's going on but feel like
posting.
I'd like to briefly summarize the impor
On Mon, 25 Feb 2008, Danny McPherson wrote:
(Yeah, we prefix filter all our customers. Our IPv6 peers are also prefix
filtered, based on RIPE IRR data (with one exception). IPv4 peers'
advertisements seem to be too big a mess, and too long filters, to fix this
way.)
Do you explicitly filte
On Feb 25, 2008, at 6:08 AM, Pekka Savola wrote:
In a lot of this dialogue, many say, "you should prefix filter".
However, I'm not seeing how an ISP could easily adopt such filtering.
So, this is no excuse for not doing prefix filtering if you only do
business in the RIPE region, but anyw
stem?
>
>
>
> > -Original Message-
> > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On
> > Behalf Of Hank Nussbacher
> > Sent: Sunday, February 24, 2008 11:33 PM
> > To: Steven M. Bellovin; nanog@merit.edu
> > Subject: Re: YouTube IP Hijackin
ECTED] [mailto:[EMAIL PROTECTED] On
> Behalf Of Hank Nussbacher
> Sent: Sunday, February 24, 2008 11:33 PM
> To: Steven M. Bellovin; nanog@merit.edu
> Subject: Re: YouTube IP Hijacking
>
>
> At 05:31 AM 25-02-08 +, Steven M. Bellovin wrote:
>
> >Seriously -- a nu
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
Paul Stewart
Sent: Monday, February 25, 2008 11:48 AM
To: [EMAIL PROTECTED]; nanog@merit.edu
Cc: Paul Ferguson
Subject: RE: YouTube IP Hijacking
DO NOT sign up at that site until the site admin fixes a major
cted. Naturally.
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
Jason
Sent: Sunday, February 24, 2008 8:13 PM
To: nanog@merit.edu
Cc: Paul Ferguson
Subject: Re: YouTube IP Hijacking
This is similar, and available for all regions/ASNs.
http://cs.un
On Mon, Feb 25, 2008 at 09:28:47AM -0500, Jon Lewis wrote:
> I've only dealt with a handful of the bigger networks, but every transit
> BGP session I've ever been the customer role on has been filtered by the
> provider. From memory and in no particular order, that's UUNet, Level3,
> Digex, In
>If someone comes up with the anti-mistake routing protocol ...
We could try to invent more idiot proof protocols, but the more
control (and centralization), the more it will be "a kind of
Internet". Not sure the founding principles and factors that made the
Internet successful would resist
Le 25 févr. 08 à 02:42, Patrick W. Gilmore a écrit :
On Feb 24, 2008, at 7:36 PM, Tomas L. Byrnes wrote:
1: Hosted at a Tier 1 provider.
That is a silly requirement.
(I am sorry, I tried hard to find a nicer way to say this, but I
really feel strongly about this.)
2: Within a jurisd
y'all,
On Mon, Feb 25, 2008 at 06:49:35AM -0800, Barry Greene (bgreene) wrote:
> > Seriously -- a number of us have been warning that this could happen.
> > More precisely, we've been warning that this could happen
> > *again*; we all know about many older incidents, from the
> > barely notice
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Greetings,
Late last night, after poring through our data, I posted a detailed
chronology of the hijack as seen from our many peering sessions. I
would add to this that the speed of YouTube's response to this
subprefix hijack impressed me.
As di
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On
> Behalf Of Steven M. Bellovin
> How about state-of-the-art routing security?
>
> Seriously -- a number of us have been warning that this could happen.
> More precisely, we've been warning that this could happ
Christopher Morrow wrote:
On Sun, Feb 24, 2008 at 8:42 PM, Patrick W. Gilmore <[EMAIL PROTECTED]> wrote:
except that even the 'good guys' make mistakes. Belt + suspenders
please... is it really that hard for a network service provider to
have a prefix-list on their customer bgp sessions?? L3 doe
On Mon, 25 Feb 2008, Hank Nussbacher wrote:
For us who actually have customers we care about, we probably find it
better for business to try to make sure our own customers can't announce
prefixes they don't own, but accept basically anything from the world that
isn't ours.
You are a distinc
Changed the subject line a little...
On Mon, 25 Feb 2008, Hank Nussbacher wrote:
At 03:14 AM 25-02-08 -0500, Paul Wall wrote:
Results were planned to be presented at the next NANOG, but they
shouldn't be a surprise to anyone in the industry: nobody filters.
Incorrect. Some do filter and do
At 03:14 AM 25-02-08 -0500, Paul Wall wrote:
Results were planned to be presented at the next NANOG, but they
shouldn't be a surprise to anyone in the industry: nobody filters.
Incorrect. Some do filter and do it well. Problem is that it is in
general a minority - many of which can be foun
At 06:17 PM 25-02-08 +0900, Matsuzaki Yoshinobu wrote:
> All good, er, bad reasons. Fixing the "filter your downstreams"
> problem is very important. It would also solve 90-something percent
> of the problems mentioned in this thread. E.g. as7007. :)
I am in the APRICOT meeting in Taipei n
On Sun, Feb 24, 2008 at 10:49 PM, Sean Donelan <[EMAIL PROTECTED]> wrote:
>
> On Mon, 25 Feb 2008, Steven M. Bellovin wrote:
> > How about state-of-the-art routing security?
>
> The problem is what is the actual trust model?
>
> Are you trusting some authority to not be malicious or never make
> the laws of Canada, Mexico and the US are still largely
> seperate, and the laws of one do not necessarily follow in another.
Not to mention other North American countries such as France(1),
Bermuda, Cuba, Haiti, etc., etc.
--Michael Dillon
(1) The islands of St. Pierre and Miquelon, Martini
On Mon, Feb 25, 2008 at 10:12:47AM -, [EMAIL PROTECTED] wrote:
> In case you hadn't noticed, there is no North American law enforcement
> agency and no North American courts and no North American laws outside
> of NAFTA. So I'm not sure what you are getting at here. Do you want
> to reopen NAF
[EMAIL PROTECTED] wrote:
[..]
Pushing this task off to a server that does not have packet-forwarding
duties also allows for flexible interfaces to network management
systems including the possibility of asking for human confirmation
before announcing a new route.
There is no (direct) requiremen
> Right. Everyone makes mistakes, but not everyone is malicious.And
> the RIRs and the big ISPs are *generally* more clueful than
> the little guys and the newcomers. Note also that secured
> BGP limits the kinds of mistakes people can make. If I have
> a certificate from my RIR for 192
> This candidate list of requirements is for route sources that
> North American Operators should trust to propagate long
> prefix routes, nothing more, nothing less.
All operators already have some kind of criteria which they use
to decide whether or not to trust a particular source of route
On 25 feb 2008, at 9:14, Paul Wall wrote:
I don't know how large Pakistani Telecom is, but it I bet its not
large
enough that PCCW should be allowing it to advertise anything.
I think you're failing to take into account how multihoming generally
works. The real fallacy here is that PCCW/B
"Patrick W. Gilmore" <[EMAIL PROTECTED]> wrote
> On Feb 25, 2008, at 2:27 AM, Hank Nussbacher wrote:
> > At 07:15 PM 24-02-08 -0500, Randy Epstein wrote:
> >
> >> More importantly, why is PCCW not prefix filtering their downstreams?
> >
> > Why?
> >
> > - Lack of clue
> > - Couldn't care less
> >
On Mon, Feb 25, 2008 at 09:13:23AM +, Alexander Harrowell wrote:
> Interesting that (according to Renesys) BT reconnected about 500 networks in
> Pakistan after the big fibre cut. I wonder if there's any data around that
> would tell us who filters and who doesn't?
based on my experience of r
Interesting that (according to Renesys) BT reconnected about 500 networks in
Pakistan after the big fibre cut. I wonder if there's any data around that
would tell us who filters and who doesn't?
On Mon, Feb 25, 2008 at 9:02 AM, Jim Mercer <[EMAIL PROTECTED]> wrote:
>
>
> having built an ISP or tw
having built an ISP or two in pakistan, PTCL (Pakistan Telecom) is not the
sole provider of bandwidth to the country, although it likely carries the
bulk of traffic to the country.
operationally, there are a number of jurisdictions which filter content
and connectivity on a variety of basis.
ad
On Sun, 24 Feb 2008, Sargun Dhillon wrote:
> I don't know how large Pakistani Telecom is, but it I bet its not large
> enough that PCCW should be allowing it to advertise anything.
I think you're failing to take into account how multihoming generally
works. The real fallacy here is that PCCW/BTN
On Feb 25, 2008, at 2:32 AM, Hank Nussbacher wrote:
At 05:31 AM 25-02-08 +, Steven M. Bellovin wrote:
Seriously -- a number of us have been warning that this could happen.
More precisely, we've been warning that this could happen *again*; we
all know about many older incidents, from the ba
On Feb 25, 2008, at 2:27 AM, Hank Nussbacher wrote:
At 07:15 PM 24-02-08 -0500, Randy Epstein wrote:
More importantly, why is PCCW not prefix filtering their downstreams?
Why?
- Lack of clue
- Couldn't care less
- No revenue
Take your pick - or add your own reason. PCCW is not alone. The
On Mon, 25 Feb 2008 01:49:51 -0500 (EST)
Sean Donelan <[EMAIL PROTECTED]> wrote:
>
> On Mon, 25 Feb 2008, Steven M. Bellovin wrote:
> > How about state-of-the-art routing security?
>
> The problem is what is the actual trust model?
>
> Are you trusting some authority to not be malicious or nev
At 05:31 AM 25-02-08 +, Steven M. Bellovin wrote:
Seriously -- a number of us have been warning that this could happen.
More precisely, we've been warning that this could happen *again*; we
all know about many older incidents, from the barely noticed to the very
noisy. (AS 7007, anyone?)
At 07:15 PM 24-02-08 -0500, Randy Epstein wrote:
More importantly, why is PCCW not prefix filtering their downstreams?
Why?
- Lack of clue
- Couldn't care less
- No revenue
Take your pick - or add your own reason. PCCW is not alone. They just
happen to be the latest in a long line of ISP
At 12:13 AM 25-02-08 +0100, Mikael Abrahamsson wrote:
For us who actually have customers we care about, we probably find it
better for business to try to make sure our own customers can't announce
prefixes they don't own, but accept basically anything from the world that
isn't ours.
You are
On Mon, 25 Feb 2008, Steven M. Bellovin wrote:
How about state-of-the-art routing security?
The problem is what is the actual trust model?
Are you trusting some authority to not be malicious or never make a
mistake?
There are several answers to the malicious problem.
There are fewer answe
It does sort of shed light on a sobering fact that some of the PCCW's of the
world are not using proper filtering, and with a coordinated effort, someone
could inject a large number of routes into the global routing table through
them effectively taking offline much of the Internet.
Anything more
On Sun, Feb 24, 2008 at 8:42 PM, Patrick W. Gilmore <[EMAIL PROTECTED]> wrote:
> > 2: Within a jurisdiction where North American operators have a good
> > chance of having the law on their side in case of any network outage
> > caused by the entity.
>
> This is also a bit strange. Do your us
On Feb 25, 2008, at 12:31 AM, Steven M. Bellovin wrote:
Seriously -- a number of us have been warning that this could happen.
More precisely, we've been warning that this could happen *again*; we
all know about many older incidents, from the barely noticed to the
very
noisy. (AS 7007, anyon
On Sun, 24 Feb 2008 20:42:51 -0500
"Patrick W. Gilmore" <[EMAIL PROTECTED]> wrote:
> > 4: With state of the art security and operations.
>
> I think we agree, but I wouldn't have said it like that.
>
How about state-of-the-art routing security?
Seriously -- a number of us have been warning th
t; Michael Smith; [EMAIL PROTECTED];
> [EMAIL PROTECTED]; nanog@merit.edu
> Subject: Re: YouTube IP Hijacking
>
>
> On Feb 24, 2008, at 2:14 PM, Tomas L. Byrnes wrote:
>
> >
> > I figured as much, but it was worth a try.
> >
> > Which touches on the earlier
D]
Sent: Sunday, February 24, 2008 2:07 PM
To: Tomas L. Byrnes
Cc: Michael Smith; [EMAIL PROTECTED]; [EMAIL PROTECTED];
nanog@merit.edu
Subject: Re: YouTube IP Hijacking
On Sun Feb 24, 2008 at 01:49:00PM -0800, Tomas L. Byrnes wrote:
Which means that, by advertising routes more specific than the ones
the
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On
> Behalf Of Patrick W. Gilmore
> Sent: Sunday, February 24, 2008 5:43 PM
> To: nanog@merit.edu
> Cc: Patrick W. Gilmore
> Subject: Re: YouTube IP Hijacking
>
>
> On Feb 24, 2008, at 7:36 PM, Tomas L. Byrnes wrote:
>
>
Jeroen Massar wrote:
* PHAS: A Prefix Hijack Alert System
http://irl.cs.ucla.edu/papers/originChange.pdf
(A live/direct BGP-feed version of this would be neat)
Does PHAS still work? I tried to submit a request to subscribe a few
weeks ago and never heard back from their automated system.
'Simon Lockhart'
Cc: 'Michael Smith'; [EMAIL PROTECTED]; [EMAIL PROTECTED];
nanog@merit.edu
Subject: RE: YouTube IP Hijacking
Tomas L. Byrnes wrote:
Perhaps certain ASes that are considered "high priority",
like Google,
YouTube, Yahoo, MS (at least their update serve
On Sun, Feb 24, 2008 at 07:19:07PM -0500, Paul Stewart wrote:
> Very nice.. is there an ARIN equal that anyone knows of OR can you use
> the RIPE one for ARIN registered space?
as the homepage states:
"MyASN is open to be used by anyone. You don't have to be a Local
Internet Registry (LIR) and y
-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
Paul Ferguson
Sent: Sunday, February 24, 2008 7:07 PM
To: [EMAIL PROTECTED]
Cc: nanog@merit.edu
Subject: Re: YouTube IP Hijacking
-- Daniel Roesen <[EMAIL PROTECTED]> wrote:
On Sun, Feb 24, 2008 at 10:41:26PM +, Paul Fe
L PROTECTED]; [EMAIL PROTECTED];
> nanog@merit.edu
> Subject: RE: YouTube IP Hijacking
>
> Tomas L. Byrnes wrote:
>
> > Perhaps certain ASes that are considered "high priority",
> like Google,
> > YouTube, Yahoo, MS (at least their update servers), can be
: [EMAIL PROTECTED]
Cc: nanog@merit.edu
Subject: Re: YouTube IP Hijacking
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- -- Daniel Roesen <[EMAIL PROTECTED]> wrote:
>On Sun, Feb 24, 2008 at 10:41:26PM +, Paul Ferguson wrote:
>> The best you can _probably_ hope for is a opt-in mechan
ckhart [mailto:[EMAIL PROTECTED]
> Sent: Sunday, February 24, 2008 2:07 PM
> To: Tomas L. Byrnes
> Cc: Michael Smith; [EMAIL PROTECTED]; [EMAIL PROTECTED];
> nanog@merit.edu
> Subject: Re: YouTube IP Hijacking
>
> On Sun Feb 24, 2008 at 01:49:00PM -0800, Tomas L. Byrnes wrote:
>
1 - 100 of 120 matches
Mail list logo