Notice: Fradulent RIPE ASNs

Rich Kulawiec rsk at gsp.org
Wed Jan 16 15:54:50 UTC 2013


On Wed, Jan 16, 2013 at 10:07:40AM -0500, Todd Underwood wrote:
> no one seriously believes that the RIPE NCC (which is managed by all
> of its members) is primarily distinguished by their incompetence and
> negligence.

Really?  Then why, pray tell, haven't they made it a practice to routinely
(let's say, once a month) ask the people over at Spamhaus: "Hey folks, do
you see anything wonky in the space we manage?" and then act
immediately and decisively on what they get back for an answer?

I don't want to speak for Spamhaus, but I suspect that they would be
delighted to provide that response, particularly if it led to swift and
effective action to make the problem(s) go away.  And while I don't
always agree with their positions, I've *rarely* found mistakes in
their research: they're thorough.  (So's Ron, by the way.)

This isn't complicated.  This isn't expensive.  This doesn't require
new technology or anything fancy.  It's basic due diligence.  Yet it
clearly hasn't happened.  Why the hell not?

We live in a time when abuse is epidemic.  It's costing us a fortune,
and I don't just mean in financial terms, although certainly that's
bad enough all by itself.  But it doesn't just magically fall out of
the sky and land on our servers or routers, or at port 25 on our
mail servers.   It comes from *somewhere*, and it does so on *somebody's*
watch.  And when it does so on a chronic and systemic basis, surely
it is reasonable to ask questions like "Why, if we can so clearly see
it arriving at our operation, can they not see it leaving theirs?"
or "Why aren't people paying attention to the primary/most useful
sources of information about their own operations?"

So it's (well past) time to stop giving people a pass for looking the
other way or failing to look at all.  It's my, your, and everyone's
professional responsibility to do everything we possibly can to prevent
the networks, hosts, and resources we run from being part of the problem.
So yeah: "incompetence" and "negligence" are the best words I can find
to describe failure to do that.  What would you call it?

---rsk



More information about the NANOG mailing list