black hat .cn networks
k claffy
kc at ipn.caida.org
Tue May 1 01:01:12 UTC 2001
On Mon, Apr 30, 2001 at 06:23:00PM -0400, Jim Mercer wrote:
On Mon, Apr 30, 2001 at 03:11:25PM -0700, Dan Hollis wrote:
> On Mon, 30 Apr 2001, Roeland Meyer wrote:
> > How quickly can CN be firewalled anyway?
>
> As quickly as you can write route-map filters
i don't know that it will be that easy.
surely, not all of china connects through a single AS.
87 ASes registered to china from whois records
(might be more by now, that's from old snapshot)
that doesn't include non-.cn ISPs with
customers in china...
it doesn't strike me as impossible to
write a virus (a la lion)
http://www.nipc.gov/warnings/advisories/2001/01-009.htm
that could trigger to spread infection as soon
as it could tell that no chinese-based ASes
were reachable from it
(get the world to protect china with filters,
then release the toxins...)
so `protecting the Internet from china w AS filters'
information warfare policy
makes me a little nervous
maybe we could just really slow down all traffic headed there
oh wait we already do that
k
More information about the NANOG
mailing list