GLBX De-Peers Intercage [Was: RE: Washington Post: Atrivo/Intercag e, w hy are we peering with the American RBN?]

Suresh Ramasubramanian ops.lists at
Tue Sep 2 22:44:20 CDT 2008

Eric, as you say, it is a multi part test. With fairly clear
distinctions between a compromised node and one under the direct
control of a criminal

So while it is unrealistic when viewed in isolation, put together with
other factors it starts to make a lot of sense.


On Wed, Sep 3, 2008 at 7:59 AM, Eric Brunner-Williams
<brunner at> wrote:

> In a parallel universe we're considering profiles for "licit use" of some
> mechanism. One element of a multi-part test to distinguish "licit" from
> "illicit" was the presence or absence of known signatures for malware. After
> some thought it was understood that this test was equivalent to the node
> subject to the test being "cleaner" than the average for network attached
> consumer devices, and therefore not realistic.

More information about the NANOG mailing list