Hijacked IP space.

Brian Bruns bruns at 2mbit.com
Tue Nov 4 15:41:17 UTC 2003

----- Original Message ----- 
From: "Joe Abley" <jabley at isc.org>
To: "Randy Bush" <randy at psg.com>
Cc: "Bill Woodcock" <woody at pch.net>; <nanog at merit.edu>
Sent: Tuesday, November 04, 2003 10:17 AM
Subject: Re: Hijacked IP space.

> How should your peers certify that the routes you announce are
> reasonable for them to receive?

Still doesn't solve the problem of ISPs announcing out hijacked blocks.

It is stupidly simple to announce out blocks you don't own.

A few years ago, when I was a netadmin, we on several occasions announced
out blocks we had no permission to announce out (/24s).  This happened on
the days after 9/11 as well when we acquired customers who's ISPs didn't
survive the collapse of the NYC telco network.  All it took was using the
BGP request form at a large unnamed Tier 1 backbone provider, and our
filters were adjusted to allow us to announce out any network we wanted to.
No questions asked, no authorization forms, nothing.

I've confirmed this behavior with several of the backbones.  Why are these
backbones allowing their T1 customers to make these kind of announcements
without any kind of authorization forms or simple checking to see if its a
valid announcement for that customer?

Brian Bruns
The Summit Open Source Development Group
Open Solutions For A Closed World / Anti-Spam Resources

The AHBL - http://www.ahbl.org

More information about the NANOG mailing list