This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/anti-abuse-wg@ripe.net/
[anti-abuse-wg] Defining routing abuse
- Previous message (by thread): [anti-abuse-wg] Defining routing abuse
- Next message (by thread): [anti-abuse-wg] Defining routing abuse
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Töma Gavrichenkov
ximaera at gmail.com
Sat Apr 13 16:50:32 CEST 2019
On Sat, Apr 13, 2019 at 3:55 PM Doug Madory <douglas.madory at oracle.com> wrote: > > Should that also be treated as a policy violation? This is clearly intentional. > I believe what’s described in the Qrator article could be a leaking route optimizer (like Noction) not a new hijack type. Probably. The title of the article refers mostly to the imaginary case in the "ideal attack" section, not to the particular incident. But, anyway, it is a hijack by perception: the LIR managing the prefixes didn't authorize the split announcement. Also, frankly, it's not really clear if it's an optimizer just *leaking* or that's on purpose. My point is exactly that: figuring out whether there's an intent behind a routing violation or not is hard. -- Töma
- Previous message (by thread): [anti-abuse-wg] Defining routing abuse
- Next message (by thread): [anti-abuse-wg] Defining routing abuse
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]