nanog mailing list archives
Re: "Defensive" BGP hijacking?
From: Jean-Francois Mezei <jfmezei_nanog () vaxination ca>
Date: Wed, 14 Sep 2016 15:00:24 -0400
I got to think about this (dangerous thing :-( Ideally, law enforcement should have the smarts and tools to get involved in DDoS and other similar situations and have the power to compell upstream provider(s) to shut service to a suspect. The current situation appears to be more of a wild-west situation where everyone takes the law into their own hands. It sort of works but everyone knows this lead lead to abuses. If you start to tolerate falsifying BGP, it will likely lead to regular abuses (including intelligence agencies who stad to gain by redirecting traffic to their servers) as well as corporate spies etc. So mechanisms to enforce 0 tolerance are perhaps necessary, even if this means that a few legitimate BGP tricks to save customers from a failing ISP will no longer work. Falsifying BGP can be done by one person without any sanity checks. There is no check for evidence or whether this action is warranted. On the other hand, there is a sanity check if you have to convince an upstream provider to cut access to one of their customers.
Current thread:
- Re: "Defensive" BGP hijacking?, (continued)
- Re: "Defensive" BGP hijacking? Hugo Slabbert (Sep 13)
- Re: "Defensive" BGP hijacking? Bryant Townsend (Sep 13)
- Re: "Defensive" BGP hijacking? Hugo Slabbert (Sep 13)
- Re: "Defensive" BGP hijacking? Scott Weeks (Sep 13)
- Re: "Defensive" BGP hijacking? Scott Weeks (Sep 14)
- Re: "Defensive" BGP hijacking? Mel Beckman (Sep 14)
- Re: "Defensive" BGP hijacking? Doug Montgomery (Sep 15)
- Re: "Defensive" BGP hijacking? Mel Beckman (Sep 14)
- Re: "Defensive" BGP hijacking? Doug Montgomery (Sep 16)
- Re: "Defensive" BGP hijacking? Mel Beckman (Sep 16)
- Re: "Defensive" BGP hijacking? Christopher Morrow (Sep 18)
- Re: "Defensive" BGP hijacking? Mel Beckman (Sep 14)
- Re: "Defensive" BGP hijacking? Christopher Morrow (Sep 14)
- Re: "Defensive" BGP hijacking? John Curran (Sep 19)
- Re: "Defensive" BGP hijacking? Christopher Morrow (Sep 19)
- Re: "Defensive" BGP hijacking? John Curran (Sep 20)
- Re: "Defensive" BGP hijacking? Christopher Morrow (Sep 20)
- Re: "Defensive" BGP hijacking? John Curran (Sep 20)