IPv4 Hijacking For Idiots
morrowc.lists at gmail.com
Wed Jun 7 01:16:05 CST 2017
On Tue, Jun 6, 2017 at 9:13 PM, Mark Andrews <marka at isc.org> wrote:
> In message <CAL9jLaZNRdE0gL4nVn93vhv1BOBtx0EKgJet8pVXa3Mve1Gy_Q at mail.
> gmail.com>, Christopher Morrow writes:
> > On Tue, Jun 6, 2017 at 8:26 PM, Mark Andrews <marka at isc.org> wrote:
> > > Now we could continue discussing how easy it is to hijack addresses
> > > of we could spend the time addressing the problem. All it takes is
> > > a couple of transit providers to no longer accept word-of-mouth and
> > > the world will transition overnight.
> > i don't think any transit providers were used in the previous thread
> > of examples/comms...
> > I don't know that IXP folk either:
> > 1) want to be the police of this
> > 2) should actually be the police of this (what is internet abuse? from
> > who's perspective? oh...)
> > The 'solution' here isn't new though... well, one solution anyway:
> > https://tools.ietf.org/html/rfc6810
> You missed the point. We have the mechanisms to prevent hijacking
> today. We just need to use them and stop using the traditional
apologies for taking your bait.
> mechanisms which cannot be mathematically be verified as correct.
> Getting to that stage requires several companies to simultaneously
> say "we will no longer accept <list> as valid mechanisms to verify
> routes announcements. You need to use X or else we won't accept
> the announcement". Yes, this requires guts to do.
agreed here as well.
> Mark Andrews, ISC
> 1 Seymour St., Dundas Valley, NSW 2117, Australia
> PHONE: +61 2 9871 4742 INTERNET: marka at isc.org
More information about the NANOG