RE: Washington Post: Atrivo/Intercage, why are we peering with the American RBN?

["Howard Leadmon" <howard () leadmon net>]

Guess I need to look in more detail, but doesn't looking at that show that
CHINANET has about half the rouge network infections of the overall network.
Sounds like if you don't do business with China, putting in a blackhole on
AS4134 (and maybe 4837 and 4812) would knock out the majority of the trouble
sites.   

 Heck, and maybe I am in the dark ages, I didn't realize google was
providing that much connectivity, why the heck do they have so many infected
machines.   Unless I am just reading that stuff wrong, guess I need to take
my time and go through it.  I am not in the wholesale bandwidth game
anymore, but I have sure suffered my share of DDoS attacks, and am all for
any intelligent things I can do to help eliminate such future issues..


---
Howard Leadmon 


> -----Original Message-----
> From: Suresh Ramasubramanian [mailto:ops.lists () gmail com]
> Sent: Friday, August 29, 2008 4:38 PM
> To: Gadi Evron
> Cc: nanog () merit edu
> Subject: Re: Washington Post: Atrivo/Intercage, why are we peering with
> the American RBN?
>
> On Sat, Aug 30, 2008 at 1:32 AM, Gadi Evron <ge () linuxbox org> wrote:
> > 2. On a different note, why is anyone still accepting their route
> > announcements? I know some among us re-route RBN traffic to protect
> users.
> > Do you see this as a valid solution for your networks?
> >
> > What ASNs belong to Atrivo, anyway?
>
> The ASNs you ask about - as per the report - are on pages 4..8 of
> http://hostexploit.com/downloads/Atrivo%20white%20paper%20082808ac.pdf