Security Basics mailing list archives
RE: IP announce DOS
From: "David Gillett" <gillettdavid () fhda edu>
Date: Thu, 9 Jun 2005 10:36:03 -0700
Did you get your Class C address from the relevant authority (ARIN, APNIC, RIPE, etc)? Or is it one that the old ISP assigned you, out of address space assigned to them? [It sounds like you think the former case applies, but since this is the "basics" list, I can't entirely assume that.] If there were a technical fix, a way to have BGP say "THIS is the One True Path to AS ____", then everyone would enable it and we'd be right back where we started.... Do you know your old ISP's upstream providers? A competent ISP will have at least two, but if they're small they might not have more than that. Perhaps they can be persuaded not to accept that ISP's announcement of this block? David Gillett
-----Original Message----- From: Alex Thurlow [mailto:buddychrist () gmail com] Sent: Wednesday, June 08, 2005 2:24 PM To: 'security-basics () securityfocus com' Subject: IP announce DOS I'm not positive this is the correct list to ask, but it is a security concern, so I thought I would. The company I work for had T1 lines running to our office provided by a local provider. We had our own C block of IPs being announced by them and routed to us over those T1s. Our relationship with them went sour (for many reasons I won't get into here), and we had to move to a different provider. We had the routing switched over to them. Everything was fine. Here it is a few weeks later, and suddenly our old provider starts announcing these IPs again. The end result is a partial DOS attack (hence writing to this list) as some people can't reach us. They won't stop the announcement. I don't know all the details on what they've said there as it's now gone to executives and legal people dealing with them. Is there anything we can do here from a network standpoint? Someone we can report them to? How do people protect themselves from just anyone announcing IPs that aren't theirs? Thanks in advance, Alex Thurlow ________________________________________ SKYLIST Email Marketing Solutions that Deliver Service You Can Trust You are receiving this email message from a representative of SKYLIST, Inc. 13171 Pond Springs Road, Austin, TX 78729 Toll Free: 877.250.2922 To cease all communication with SKYLIST, visit http://www.skylist.net/unsubscribe or send an email to unsubscribe () skylist com
Current thread:
- IP announce DOS Alex Thurlow (Jun 09)
- Re: IP announce DOS Micheal Espinola Jr (Jun 09)
- RE: IP announce DOS Burton Strauss (Jun 10)
- RE: IP announce DOS David Gillett (Jun 09)
- RE: IP announce DOS Thomas Ng (Jun 10)
- RE: IP announce DOS Burton Strauss (Jun 10)
- <Possible follow-ups>
- RE: IP announce DOS Andrew Shore (Jun 10)
- RE: IP announce DOS David Gillett (Jun 13)
- Re: IP announce DOS Alex Thurlow (Jun 10)
- Re: Re: IP announce DOS crabdog (Jun 13)
- Re: IP announce DOS Micheal Espinola Jr (Jun 09)