[anti-abuse-wg] 2019-03 New Policy Proposal (BGP Hijacking is a RIPE Policy Violation)

In message <alpine.LRH.2.21.1904181130160.21398 at gauntlet.corp.fccn.pt>,
Carlos Friaças <cfriacas at fccn.pt> writes

>>> On Thu, 18 Apr 2019, Richard Clayton wrote:
>>>> ... I am aware of peer pressure (literally), action by IXPs, action by
>>>> organisations providing reputation scores and even action by hosting
>>>> companies.
>>>
>>> Yes, i'm aware of that too. Sometimes it fixes specific hijacks, but does
>>> it stop or in anyway cause a delay for hijackers to hop onto the next
>>> hijack...???
>>
>> All of examples I gave come from my experience in putting a stop to
>> various actors hijacking address space. Now it may be that the same
>> actors have come back and found another completely different hosting
>> company to carry their hijacks -- but getting them to start again from
>> scratch has always looked like a win to me.
>
>It's also a win in my dictionary. :-)))
>
>But didn't you see any cases where the hijacker was the hosting company itself?

Hard to tell in some cases whether the people running the hosting
company were merely in league with the hijackers or the hijackers
themselves. Only a court would care about the difference -- the
practical view is that it just means that action needs to be taken by
peers or by an IXP (or both)

>> In particular there is nothing like being thrown off an IXP for putting
>> a crimp in your operations. There's real money involved.
>
>With my IXP hat on, i can say that removing a member is not something the IXP 
>will do lightly.

and rightly so ... and in my experience (you really should note the
people here with experience) they want to gather their own evidence and
form their own judgment before doing something so significant. That's
why your proposal for RIPE NCC being forced to act by a semi-detached
panel of experts is so deeply flawed.

>> I advised you before to give up on getting RIPE to develop a completely
>> new approach to tackling abuse (especially since it really is not going
>> all that well) -- and instead to put your effort into getting IXPs to
>> develop robust policies in this space. After all IXPs and routing are a
>> far better fit that an RIR and routing.
>
>I agree IXPs are important. However the RIRs can be useful at a larger scale...

you have no evidence for that -- you are just hoping that they will be

-- 
richard                                                   Richard Clayton

Those who would give up essential Liberty, to purchase a little temporary 
Safety, deserve neither Liberty nor Safety. Benjamin Franklin 11 Nov 1755
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 185 bytes
Desc: not available
URL: </ripe/mail/archives/anti-abuse-wg/attachments/20190418/a901202d/attachment.sig>