"Defensive" BGP hijacking?

Tue Sep 13 18:51:06 UTC 2016

Blake,

I concur that these are key questions. Probably _the_ key questions. The fabric of the Internet is today based on trust, and BGP's integrity is the core of that trust. 

I realize that BGP hijacking is not uncommon. However, this is the first time I've seen in it used defensively. I don't see a way to ever bless this kind of defensive use without compromising that core trust. If Internet reachability depends on individual providers believing that they are justified in violating that trust when they are attacked, how can the Internet stand?

In addition to the question posed to Bryant about whether he would take this action again, I would like to add: what about the innocent parties impacted by your actions? Or do you take the position there were no innocent parties in the hijacked prefixes?

-mel via cell

> On Sep 13, 2016, at 11:40 AM, Blake Hudson <blake at ispn.net> wrote:
> 
> 
> 
> Bryant Townsend wrote on 9/13/2016 2:22 AM:
>> This was the point where I decided
>> I needed to go on the offensive to protect myself, my partner, visiting
>> family, and my employees. The actions proved to be extremely effective, as
>> all forms of harassment and threats from the attackers immediately stopped.
> 
> 
> Bryant, what actions, exactly, did you take? This topic seems intentionally glossed over while you spend a much larger amount of time explaining the back story and your motivations rather than your actions.
> 
> Questions I was left with:
> 
> 1. What prefixes have you announced without permission (not just this
>   event)?
> 2. How did you identify these prefixes?
> 3. Did you attempt to contact the owner of these prefixes?
> 4. Did you attempt to contact the origin or transit AS of these prefixes?
> 5. What was the process to get your upstream AS to accept these prefix
>   announcements?
> 6. Was your upstream AS complicit in allowing you to announce prefixes
>   you did not have authorization to announce?
> 