Ettiquette and rules regarding Hijacked ASN's or IP space?
Mr. James W. Laferriere
babydr at baby-dragons.com
Tue Jun 10 15:39:33 UTC 2003
Hello Kia , In line
On Mon, 9 Jun 2003, Kai Schlichting wrote:
> On 6/9/2003 at 4:06 PM, "Christopher L. Morrow" <chris at UU.NET> wrote:
> > Sure, you are announcing 196.1.1.0/24 and only that, fine, but are you
> > allowed to announce that prefix? Are you "Centre for Monitoring Indian
> > Economy" ?? Or is this your direct customer and you are just the sat-link
> > provider for him?
> Being able to answer such 64,000-dollar-questions with authority is the
> issue ARIN's registry operations are facing, pass or fail. And you can
> take that literally: the recent hijacking events have put ARIN's rules,
> procedures and current registry data so much into question - it'll be
> (do || die) for them. The inherited Internic data going back almost 20
> years doesn't help things. Indeed, I think that any and all legacy
> assignments should be purged, like the old Usenet, one by one. Some
> things that could be done:
> - contact all owners of IP space or ASNs with a demand to show legal,
> notarized
> paperwork showing their company's status as incorporated/active, and/or
> legal successor to the original registrant. Gotta use those 7 years of
> business records you're required to hold for something!
Already in progress . Using DNS lameness as start basis . I just
got a note for an old ip-range I had promised the owner I'd keep
active and forgot about over the years .
> - non-announced IP space with defunct contacts: -> reserved status, no
> AS may route those, until resolved per above
How would you go about admonishing hijackers (or what appears as a
hijacker) OR the provider that has been given a letter of approval
from the agency that appears to have the lease ? ... lots more
questions in this vein ? For all of the items mentioned below .
Just one foopah with a blackhole server & NOone is going to remain
attached to it . That has been proven over & over again . If you
can not implicitely trust the operator(s) of the blackhole(s)
operators will etierh run their own of ignore the blackholes .
> - non-announced IP space with working contacts: email to POC every
> 30 days with the legal demands (email/paper mail). After 90 days:
> network set to 'reserved' status, no AS may announce these,
> until resolved per above.
> - announced IP space: announcing AS to be contacted in addition to POC
> for the network object. For AS's in violation, this shall mean that
> all upstream ASs as visible at popular exchange points should be
> contacted (at least once) as well.
> - announcing AS's that violate the 'do not announce' rule shall be
> dealt with in ways similar to the non-cooperating entities described in:
> http://www.arin.net/policy/2003_1.html - they will get their own network
> objects suspended.
> - complete publicly accessible list of all 'reserved' networks - the
> DNSBLs and private BGP blackhole feeds will do the rest.
> Wouldn't you want to know how quiet your inbox can be, when you
> have a BGP4 blackhole feed with SPEWS L1 as the source...
--
+------------------------------------------------------------------+
| James W. Laferriere | System Techniques | Give me VMS |
| Network Engineer | P.O. Box 854 | Give me Linux |
| babydr at baby-dragons.com | Coudersport PA 16915 | only on AXP |
+------------------------------------------------------------------+
More information about the NANOG
mailing list