This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/db-wg@ripe.net/
[db-wg] The Ongoing Summer of Hijacks: MNT-SERVERSGET / dnsget.top
- Previous message (by thread): [db-wg] The Ongoing Summer of Hijacks: MNT-SERVERSGET / dnsget.top
- Next message (by thread): [db-wg] [anti-abuse-wg] The Ongoing Summer of Hijacks: MNT-SERVERSGET / dnsget.top
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Ronald F. Guilmette
rfg at tristatelogic.com
Thu Aug 16 01:28:31 CEST 2018
In message <20180815.102137.2031302831757015708.he at uninett.no>, Havard Eidnes <he at uninett.no> wrote: >However, if the address space is out-of-region, the authorization >checks for the address space is dropped / ignored, and only the >authorization for the AS object is used, allowing the >registration of route objects without the consent of the address >space holder. I suspect it is this loop-hole which is being >abused to register the route objects you are mentioning. I believe that the above analysis is not only correct, but also both self-evident and already well-known. It is my understaing that this "loop-hole" is so well known, in fact, and that it has already been so frquently abused that come September 4th of this year... less than three weeks from now... this loop-hole will be formally, finally, and officially closed for good, at least with respect to -new- route objects. (As I understand it, all of the ones that are already in the data base as of September 4 will be left there, but will be tagged in some manner to indicate their potential unreliability.) It is Good that this step is, at long last, being taken, but that does not do anything at all to address the underlying question that I have asked, and which remains unanswered, and which I quote here again, for the benefit of those who may have missed it the first time: Who exactly does one need to kill, maim, or seriously wound in order to get kicked out of this organization (RIPE)? I sense that the RIPE community attitudes about hijacking -and- even hijacking which has been materially aided and abetted by the introduction of fradulent route objects into the RIPE data base is just one that could best be summed up in that old saying "Oh Well! Boys will be boys!" I am not persuaded that this sort of lackadaisical and laissez-faire attitude towards this kind of situation is even close to an appropriate response, given that fact that litteral billions of people actually rely on this thing we call the Internet every day of the week. This isn't just a private little boy's club anymore, and the days when these types of antics could just be winked at, and smirked at have passed away some time ago already. It's time that RIPE stopped -fostering- this sort of bad behavior by consistantly doing nothing about it, and just allowing the perpetrators to keep their legitimately allocated ASNs, address space, memberships, etc. Regards, rfg
- Previous message (by thread): [db-wg] The Ongoing Summer of Hijacks: MNT-SERVERSGET / dnsget.top
- Next message (by thread): [db-wg] [anti-abuse-wg] The Ongoing Summer of Hijacks: MNT-SERVERSGET / dnsget.top
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
[ db-wg Archives ]