This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/anti-abuse-wg@ripe.net/
[anti-abuse-wg] 2019-03 New Policy Proposal (BGP Hijacking is a RIPE Policy Violation)
- Previous message (by thread): [anti-abuse-wg] 2019-03 New Policy Proposal (BGP Hijacking is a RIPE Policy Violation)
- Next message (by thread): [anti-abuse-wg] 2019-03 New Policy Proposal (BGP Hijacking is a RIPE Policy Violation)
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Carlos Friaças
cfriacas at fccn.pt
Wed Mar 20 22:17:58 CET 2019
Hi, please see inline. On Wed, 20 Mar 2019, Andrey Korolyov wrote: > > > On Wed, Mar 20, 2019 at 4:36 PM Ricardo Patara <ricpatara at gmail.com> wrote: > On this line of one ISP trying to make damage to other. > > One might abuse a vulnerable router (thousand out there), create a tunnel to it > and announce hijacked blocks originated from victims ASN. > > Both, victim ASN and vulnerable router owner, would be damaged and no traces of > criminal. > How could they defend themselves to the so called group of experts? > > And things in this line had happened already. > > Regards, > > > That's exactly my point from above for distributing responsibility over > things that AS may do over its direct peers :) With example from Furio > all ASNs in proposed topology could be blamed at once, for example. A report can be issued claiming N ASNs are involved, but i would say if one of them is not actually involved, the full report should be dismissed. > Determining exact topology may be somewhat not trivial, but not as hard > as paper relations where both sides are claiming their innocence. That's why sharing/exporting your BGP views will help an evaluation if an hijack was intentional or not. > So, for this version of proposal, I rather NAK it because it brings > more potential mess than the usefulness against bad actors. As i think Jordi have already written, there are several checks & balances that would make it hard for a due process reach its end while determining an intentional hijack took place without any intentional actions from the accused party. If you don't feel the guarantees within the process are enough (or clear enough), what would you like to add? Best Regards, Carlos
- Previous message (by thread): [anti-abuse-wg] 2019-03 New Policy Proposal (BGP Hijacking is a RIPE Policy Violation)
- Next message (by thread): [anti-abuse-wg] 2019-03 New Policy Proposal (BGP Hijacking is a RIPE Policy Violation)
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]