nanog mailing list archives

Re: "Defensive" BGP hijacking?

From: Blake Hudson <blake () ispn net>
Date: Mon, 12 Sep 2016 10:24:03 -0500


Hugo Slabbert wrote on 9/11/2016 3:54 PM:

Hopefully this is operational enough, though obviously leaning more towards the policy side of things:

What does nanog think about a DDoS scrubber hijacking a network "for defensive purposes"?

http://krebsonsecurity.com/2016/09/alleged-vdos-proprietors-arrested-in-israel/

"For about six hours, we were seeing attacks of more than 200 Gbps hitting us,” Townsend explained. “What we were doing 
was for defensive purposes. We were simply trying to get them to stop and to gather as much information as possible about 
the botnet they were using and report that to the proper authorities.”



https://bgpstream.com/event/54711

My suggestion is that BackConnect/Bryant Townsend should have their ASNrevoked for fraudulently announcing another organization's addressspace. They are not law enforcement, they did not have a warrant orjudicial oversight, they were not in immediate mortal peril, etc, etc.

Current thread:

"Defensive" BGP hijacking? Hugo Slabbert (Sep 11)
- Re: "Defensive" BGP hijacking? FHR (Sep 11)
- Re: "Defensive" BGP hijacking? Ca By (Sep 11)
- Re: "Defensive" BGP hijacking? Blake Hudson (Sep 12)
  - Re: "Defensive" BGP hijacking? Ryan, Spencer (Sep 12)
    - Re: "Defensive" BGP hijacking? Mel Beckman (Sep 12)
    - Re: "Defensive" BGP hijacking? Florian Weimer (Sep 12)
    - Re: "Defensive" BGP hijacking? Jared Mauch (Sep 12)
- Re: "Defensive" BGP hijacking? Richard Hesse (Sep 12)
  - Re: "Defensive" BGP hijacking? Paras Jha (Sep 12)
    - Re: "Defensive" BGP hijacking? Mel Beckman (Sep 12)
- Re: "Defensive" BGP hijacking? Jean-Francois Mezei (Sep 12)
  - Re: "Defensive" BGP hijacking? Hugo Slabbert (Sep 12)
    - Re: "Defensive" BGP hijacking? Jean-Francois Mezei (Sep 12)

(Thread continues...)