"Defensive" BGP hijacking?
cb.list6 at gmail.com
Tue Sep 13 19:53:17 UTC 2016
On Tuesday, September 13, 2016, Bryant Townsend <bryant at backconnect.com>
> @ca & Matt - No, we do not plan to ever intentionally perform a
> non-authorized BGP hijack in the future.
Great answer. Thanks.
Committing to pursuing a policy of weaponizing BGP would have triggered a
serious "terms of service" violations that would have effectively ended
your business swiftly and permanently.
Tip to the RIR policy folks, you may want to make this point very crisp. A
BGP ASN is the fundamental accountability control in a inter-domain
routing. Organizations with repeated offensense need to have their ASN
revoked, and further there should be controls in places so bad actors
cannot acquire "burner" ASNs.
@Steve - Correct, the attack had already been mitigated. The decision to
> hijack the attackers IP space was to deal with their threats, which if
> carried through could have potentially lead to physical harm. Although the
> hijack gave us a unique insight into the attackers services, it was not a
> factor that influenced my decision.
> @Blake & Mel - We will likely cover some of these questions in a future
> blog post.
More information about the NANOG