"Defensive" BGP hijacking?

Hugo Slabbert hugo at slabnet.com
Wed Sep 21 01:46:01 UTC 2016

Lucy, you got some (*serious*) 'splainin to do...


Hugo Slabbert       | email, xmpp/jabber: hugo at slabnet.com
pgp key: B178313E   | also on Signal

On Sun 2016-Sep-18 22:25:44 -0400, Tom Beecher <beecher at beecher.cc> wrote:

>So after reading your explanation of things...
>Your technical protections for your client proved sufficient to handle the
>attack. You took OFFENSIVE action by hijacking the IP space. By your own
>statements, it was only in response to threats against your company. You
>were no longer providing DDoS protection to a client. You were exacting a
>vendetta against someone who was being MEAN to you. Even if that person
>probably deserved it, you still cannot do what was done.
>I appreciate the desire to want to protect friends and family from
>anonymous threats, and also realize how ill equipped law enforcement
>usually is while something like this is occurring.
>However, in my view, by taking the action you did, you have shown your
>company isn't ready to be operating in the security space. Being threatened
>by bad actors is a nominal part of doing business in the security space.
>Unfortunately you didn't handle it well, and I think that will stick to you
>for a long time.
>On Tue, Sep 13, 2016 at 3:29 PM, Bryant Townsend <bryant at backconnect.com>
>> @ca & Matt - No, we do not plan to ever intentionally perform a
>> non-authorized BGP hijack in the future.
>> @Steve - Correct, the attack had already been mitigated. The decision to
>> hijack the attackers IP space was to deal with their threats, which if
>> carried through could have potentially lead to physical harm. Although the
>> hijack gave us a unique insight into the attackers services, it was not a
>> factor that influenced my decision.
>> @Blake & Mel - We will likely cover some of these questions in a future
>> blog post.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20160920/4d276eb9/attachment.sig>

More information about the NANOG mailing list