Anyone notice strange announcements for 184.108.40.206/24
deleskie at gmail.com
Tue Jan 13 15:33:57 UTC 2009
Fine which makes it an interesting data point and something to look
at after lunch when I'm not doing something else kinda issue. Not
something I'm going to treat as a P1 and drop everything work or real
life related for. I'm not say it shouldn't be looked it, just that in
the grand scheme of the thing its not a huge issue. Kinda like when
people feel the need to tune IGP time sub second convergence but do
impactful maint on routers or circuits 3-4 times a yr. If you lock
the doggie door but leave the front door open the bad guys can walk
right in. :)
On Tue, Jan 13, 2009 at 11:06 AM, Jared Mauch <jared at puck.nether.net> wrote:
> On Tue, Jan 13, 2009 at 07:00:34AM -0800, David Barak wrote:
>> If the concern was a Pilosov/Kapela style hijack, wouldn't the first thing you'd check be what the address range was? That would lead you straight to Randy, and that should have cleared up the matter straightaway. Remember: the owner of the IP space is the victim, not the ASN which gets prepended into the path...
> No, they are both victims. If I inject a path that purports
> there is an edge between two networks which are engaged in a bitter
> dispute, (i'll use cogent & sprint as an example) - _1239_174_ that may
> create a situation where someone asserts that their routes are
> being filtered when infact no connectivity exists.
> Does that mean that I hijacked their identiy and forged it? What
> level of trust do you place in the AS_PATH for your routing, debugging and
> decision making process?
> Personally, I would be upset if someone injected a route with my
> ASN in the AS_PATH without my permission.
> - Jared
> Jared Mauch | pgp key available via finger from jared at puck.nether.net
> clue++; | http://puck.nether.net/~jared/ My statements are only mine.
More information about the NANOG