"Defensive" BGP hijacking?

Scott Weeks surfer at mauigateway.com
Mon Sep 12 16:31:41 UTC 2016

--- blake at ispn.net wrote:
From: Blake Hudson <blake at ispn.net>
Scott Weeks wrote on 9/12/2016 11:08 AM:
> From: NANOG <nanog-bounces at nanog.org> on behalf
> of Blake Hudson <blake at ispn.net>

> My suggestion is that BackConnect/Bryant Townsend should have their ASN
> revoked for fraudulently announcing another organization's address
> space. They are not law enforcement, they did not have a warrant or
> judicial oversight, they were not in immediate mortal peril, etc, etc.
> -------------------------------------------------
> Are the RIRs the internet police?

ARIN has policies against fraudulently obtaining resources and has 
policies for revoking said resources. One could argue that announcing 
another org's IP resources without authorization is fraud and that said 
ip resources were fraudulently obtained during the time they were 
announced by BlackConnect. That said, this ASN was obtained through RIPE 
(despite the person/company being located in Calfornia, USA) and I did 
not see any RIPE policies related to fraud.

My thought is that if Mr Townsend shows disregard for the stability of 
the internet by hijacking other's IP space, he should not be allowed to 
participate. There are comments to the Kreb's article indicating that 
this was not an isolated incident by Mr Townsend and instead represents 
one event in a pattern of behavior.

I am somewhat in agreement with Mel: 

"This thoughtless action requires a response from the community, and an 
apology from BackConnect.   If we can't police ourselves, someone we 
don't like will do it for us. "

But the first part seems to verge on vigilantism.  Solutions are hard.
BGP filters should be in place.  Maybe that's the non-vigilante response.
Force filters somehow.

However, this has all been discussed over and over here...  ;-)


More information about the NANOG mailing list