"Defensive" BGP hijacking?
blake at ispn.net
Tue Sep 13 20:22:10 UTC 2016
Ca By wrote on 9/13/2016 2:53 PM:
> On Tuesday, September 13, 2016, Bryant Townsend <bryant at backconnect.com>
>> @ca & Matt - No, we do not plan to ever intentionally perform a
>> non-authorized BGP hijack in the future.
> Great answer. Thanks.
> Committing to pursuing a policy of weaponizing BGP would have triggered a
> serious "terms of service" violations that would have effectively ended
> your business swiftly and permanently.
> Tip to the RIR policy folks, you may want to make this point very crisp. A
> BGP ASN is the fundamental accountability control in a inter-domain
> routing. Organizations with repeated offensense need to have their ASN
> revoked, and further there should be controls in places so bad actors
> cannot acquire "burner" ASNs.
>> @Steve - Correct, the attack had already been mitigated. The decision to
>> hijack the attackers IP space was to deal with their threats, which if
>> carried through could have potentially lead to physical harm. Although the
>> hijack gave us a unique insight into the attackers services, it was not a
>> factor that influenced my decision.
>> @Blake & Mel - We will likely cover some of these questions in a future
>> blog post.
Ca, and the community, I don't make the leap. How does attacking someone
by hijacking their IP space mitigate a physical threat? How does
impeding someone's access to the internet access prevent them from
performing an act of physical violence against you? If a party threatens
me, would I be justified in attacking him or her? In my experience,
attacking someone is more likely to escalate a situation - not
Bryant did weaponize BGP and stated he stands by his actions and further
indicated that he will use what he learned here to shape handling of
> I have spent a
> long time reflecting on my decision and how it may negatively impact the
> company and myself in some people’s eyes, but ultimately I stand by it. The
> experience and feedback I have gained from these events has proven
> invaluable and will be used to shape the policies surrounding the future
> handling of similar situations.
When I read Bryant's comments, I see justification and excuses for his
behavior. I do not see an apology nor admission of wrongdoing. I believe
what Bryant did was wrong and I would hate for others to be allowed to
act similarly without consequence.
More information about the NANOG