This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/anti-abuse-wg@ripe.net/
[anti-abuse-wg] 2019-03 New Policy Proposal (BGP Hijacking is a RIPE Policy Violation)
- Previous message (by thread): [anti-abuse-wg] 2019-03 New Policy Proposal (BGP Hijacking is a RIPE Policy Violation)
- Next message (by thread): [anti-abuse-wg] 2019-03 New Policy Proposal (BGP Hijacking is a RIPE Policy Violation)
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Richard Clayton
richard at highwayman.com
Thu Mar 21 02:01:44 CET 2019
In message <alpine.LRH.2.21.1903200737280.5937 at gauntlet.corp.fccn.pt>, Carlos Friaças via anti-abuse-wg <anti-abuse-wg at ripe.net> writes >What you described Which was (tedious this top posting approach isn't it!) that in any AS path you cannot determine externally which of a pair of adjacent AS's is being wicked [that would change in a world with BGPSEC, but that is not the world in which we live] >also crossed my mind, but as you said "it won't be too >hard to figure out". Yes it will -- the left hand AS will say that the right hand AS announced the path to them. The right hand AS will deny it. Both will produce logs from routers and (if the non-genuine log is expertly forged) the experts will have to guess which AS is being bad >And when everything is made clear, if a report is filed against AS1, AS1's >holder might have a problem, so i see a strong reason for not even trying >:-) In the real world at present, we deduce which AS is wicked from either a pattern of wickedness (we assume that multiple AS's are not ganging on someone to frame them) or by assessing the probity of the two ASs from personal knowledge of their staff, or their business. I write this (and my earlier remarks about AS numbers) from the perspective of someone who has spent some considerable time over the past few years dealing with BGP hijacks[*]. It is generally simple to work out who the bad guy is sufficiently to put pressure on them to reform... but it is often the case that you have to say that on balance it is more likely to be this AS rather than that one. [*] people may have heard me talk about this at LINX and there is another opportunity to listen at FIRST in June. I hope to be able to make the material I have more generally available, but there are {DAYJOB} constraints on that at present. For clarity (and such vote counting as may occur) I am very much in favour or a policy that says that theft of resources is seen as unacceptable by the RIPE community (it's also illegal, so this is perhaps somewhat unnecessary!) but I am concerned that people think that assessing what is going on will be a trivial process and that is very far from the truth. -- richard Richard Clayton Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety. Benjamin Franklin 11 Nov 1755 -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 185 bytes Desc: not available URL: </ripe/mail/archives/anti-abuse-wg/attachments/20190321/038987e9/attachment.sig>
- Previous message (by thread): [anti-abuse-wg] 2019-03 New Policy Proposal (BGP Hijacking is a RIPE Policy Violation)
- Next message (by thread): [anti-abuse-wg] 2019-03 New Policy Proposal (BGP Hijacking is a RIPE Policy Violation)
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]