nanog mailing list archives
RE: BGP-based blackholing/hijacking patented in Australia?
From: Henry Linneweh <hrlinneweh () sbcglobal net>
Date: Fri, 13 Aug 2004 04:46:34 -0700 (PDT)
Redirecting is nothing new and has been around for years, it was never a real problem until washington and the media stuck their face into something they had no clue about, as usual. I am certain there are ways to prevent redirection and those should be applied without a congressional hearing...... -Henry --- Michel Py <michel () arneill-py sacramento ca us> wrote:
Bevan Slattery wrote: Just to ease peoples concerns, the patent hasnothingto do with blackholing. A brief description oftheway it works can be found here:I believe that I am not the only one that is concerned precisely because it is _not_ blackholing, it is hijacking, no matter how legitimate the reason. <me puts the devil's advocate suit on> To say it bluntly, it smells a lot like the illegitimate offspring of an RBL and Verisign's wildcard deal. The phishing con artists redirect the unsuspecting mark to a third-party site, and this stuff also redirects the unsuspecting mark to another page:Where is the user re-routed to? If an end user isa victim of a scamand is redirected via the ScamSlam system, thenthe page they areredirected to is specified by the agency enteringthe scam data. Déjà vu: redirect the user's mistakes/stupidity to one's own business. What tells me that the agency is not the back office of the phishing scheme in the first place? Same as spyware: there is anti-spyware out there that deletes all the spyware installed by their competitors and conveniently "forgets" to detect or fix their own. And I also do see good opportunity for joe-jobs here: get some el-cheapo hosting on the hosting server that you want to take down, setup a fake phishing web page, then send phishing email and/or report the dummy phishing to the agency. The IP gets blacklisted and takes down thousands of web sites along with the one that bozo paid $10 one-time for. Gee, it costs less than a movie and popcorn. </me puts the devil's advocate suit on> Oh BTW, good luck trying to blacklist a large zombie pool that collectively hosts the phishing page and individually send their own address and listening port in the phishing email. Why phish on a single IP when one can phish distributed? Anyway, what's the difference with blackholing? The route-map sets the next-hop to a NAT box that dynamically binds the IP addresses contained in the BGP feed (instead of setting the next-hop to a blackhole)? BFD. Trying to patent the wheel is not good for credibility, nor is using the very same stinky methods as the scam artists. Michel.
Current thread:
- RE: BGP-based blackholing/hijacking patented in Australia?, (continued)
- RE: BGP-based blackholing/hijacking patented in Australia? Edward B. Dreger (Aug 13)
- RE: BGP-based blackholing/hijacking patented in Australia? Barry Raveendran Greene (Aug 13)
- RE: BGP-based blackholing/hijacking patented in Australia? Hank Nussbacher (Aug 14)
- RE: BGP-based blackholing/hijacking patented in Australia? Alex Bligh (Aug 15)
- RE: BGP-based blackholing/hijacking patented in Australia? Henry Linneweh (Aug 15)
- RE: BGP-based blackholing/hijacking patented in Australia? Barry Raveendran Greene (Aug 13)
- RE: BGP-based blackholing/hijacking patented in Australia? Neil J. McRae (Aug 13)
- Re: BGP-based blackholing/hijacking patented in Australia? Adrian Chadd (Aug 18)
- Message not available
- RE: BGP-based blackholing/hijacking patented in Australia? Bevan Slattery (Aug 12)
- RE: BGP-based blackholing/hijacking patented in Australia? Stephen J. Wilcox (Aug 13)
- Re: BGP-based blackholing/hijacking patented in Australia? Niels Bakker (Aug 13)
- Re: BGP-based blackholing/hijacking patented in Australia? Christopher L. Morrow (Aug 13)
- Re: BGP-based blackholing/hijacking patented in Australia? Niels Bakker (Aug 14)