This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/anti-abuse-wg@ripe.net/
[anti-abuse-wg] 2019-03 New Policy Proposal (BGP Hijacking is a RIPE Policy Violation)
- Previous message (by thread): [anti-abuse-wg] 2019-03 New Policy Proposal (BGP Hijacking is a RIPE Policy Violation)
- Next message (by thread): [anti-abuse-wg] 2019-03 New Policy Proposal (BGP Hijacking is a RIPE Policy Violation)
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Carlos Friaças
cfriacas at fccn.pt
Thu Mar 21 22:52:01 CET 2019
Please see inline, On Thu, 21 Mar 2019, Richard Clayton wrote: > In message <CAFV686e9aa8xhACUz+ePfbELU74MPcE-2PiC2-kpU- > 1xAptxFA at mail.gmail.com>, Jacob Slater <jacob at rezero.org> writes > >> While the idea of an a complaint form (with teeth) sounds appealing, I do >> not believe submission should be open to everyone. Only the party holding >> rights (as registered in a RIR) should be able to file a report regarding >> their own IP space. > > there are two practical problems with that: > > first: historically anyway, large Chinese providers have not seemed to > take much notice if their prefixes are hijacked... this may be because > they are not using the IP space, or that they consider the class of user > for that space to have no business accessing resources outside of China > (the latter seems a bit unlikely, but the "Great Firewall of China" is a > complex set of devices so there may be a lot of proxying going on) Let me add: while the legitimate owner might not care, those who will be receiving hijacked prefixes through BGP might care. > second: many hijackers have used space (and AS numbers) that was > allocated to entities that almost certainly don't exist any more. > Determining who holds the rights to this space (a question for the > liquidators of the companies involved I expect) is almost certainly > impossible to establish Precisely. Well, the rightful owner should be able to issue a ROA :-) > which taken together mean that quite a number of the hijackers I have > chased down over the years would not be affected by this proposal :( And there are those that use space registered to conflict zones, where it's less probable that anyone will notice/complain... > Also of course the proposed policy does cover unallocated space (large > chunks of which are currently announced as I pointed out earlier, which > still doesn't seem to be worrying many people). Would you expect IANA or > the RIRs to lodge complaints here ? Why not? :-) Well, i added bugging Geoff Huston about this to my TO-DO list. Let's see if he can provide some insight. >> If everyone is allowed to do so, we run several risks, >> namely that individuals with no knowledge of the situation (beyond that >> viewed in the public routing table) will file erroneous reports based on >> what they believe to be the situation (which may not be accurate, as some >> forms of permission for announcement are not documented in a way they could >> feasibly see). > > I entirely agree -- this just adds to the list of practical complexities > that I (and a few others) have been pointing out. There is some risk yes. My best take at the moment is that bogus claims should be filtered. > Yes hijacks can be simple to understand -- but they can be very complex > and perfectly legitimate activity can look like a hijack until a lot of > detail has been considered. That's why there is reasonable room to the suspected hijacker to explain. One expert can be wrong, all experts can be wrong once, and even after that the ratification step could act as a safety knob. Best Regards, Carlos > > -- > richard Richard Clayton > > Those who would give up essential Liberty, to purchase a little temporary > Safety, deserve neither Liberty nor Safety. Benjamin Franklin 11 Nov 1755 >
- Previous message (by thread): [anti-abuse-wg] 2019-03 New Policy Proposal (BGP Hijacking is a RIPE Policy Violation)
- Next message (by thread): [anti-abuse-wg] 2019-03 New Policy Proposal (BGP Hijacking is a RIPE Policy Violation)
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]