black hat .cn networks

k claffy kc at
Tue May 1 01:01:12 UTC 2001

On Mon, Apr 30, 2001 at 06:23:00PM -0400, Jim Mercer wrote:
  On Mon, Apr 30, 2001 at 03:11:25PM -0700, Dan Hollis wrote:
  > On Mon, 30 Apr 2001, Roeland Meyer wrote:
  > > How quickly can CN be firewalled anyway?
  > As quickly as you can write route-map filters
  i don't know that it will be that easy.
  surely, not all of china connects through a single AS.

87 ASes registered to china from whois records
(might be more by now, that's from old snapshot)

that doesn't include ISPs with
customers in china...

it doesn't strike me as impossible to
write a virus (a la lion)
that could trigger to spread infection as soon
as it could tell that no chinese-based ASes
were reachable from it
(get the world to protect china with filters,
then release the toxins...)

so `protecting the Internet from china w AS filters'
information warfare policy
makes me a little nervous 

maybe we could just really slow down all traffic headed there 
oh wait we already do that


More information about the NANOG mailing list