nanog mailing list archives

Re: Anyone notice strange announcements for 174.128.31.0/24


From: "jim deleskie" <deleskie () gmail com>
Date: Tue, 13 Jan 2009 11:33:57 -0400

Jared,

 Fine, which makes it an interesting data point and something to look
at after lunch when I'm not doing something else kinda issue. Not
something I'm going to treat as a P1 and drop everything work or real
life related for.  I'm not saying it shouldn't be looked at, just that in
the grand scheme of things it's not a huge issue.  Kinda like when
people feel the need to tune IGP time sub second convergence but do
impactful maint on routers or circuits 3-4 times a yr.  If you lock
the doggie door but leave the front door open the bad guys can walk
right in. :)

-jim



On Tue, Jan 13, 2009 at 11:06 AM, Jared Mauch <jared () puck nether net> wrote:
On Tue, Jan 13, 2009 at 07:00:34AM -0800, David Barak wrote:
If the concern was a Pilosov/Kapela style hijack, wouldn't the first thing you'd check be what the address range was?
That would lead you straight to Randy, and that should have cleared up the matter straightaway.
Remember: the owner of the IP space is the victim, not the ASN which gets prepended into the path...


       No, they are both victims.  If I inject a path that purports
there is an edge between two networks which are engaged in a bitter
dispute, (I'll use cogent & sprint as an example) - _1239_174_ that may
create a situation where someone asserts that their routes are
being filtered when in fact no connectivity exists.

       Does that mean that I hijacked their identity and forged it?  What
level of trust do you place in the AS_PATH for your routing, debugging and
decision making process?

       Personally, I would be upset if someone injected a route with my
ASN in the AS_PATH without my permission.

       - Jared

--
Jared Mauch  | pgp key available via finger from jared () puck nether net
clue++;      | http://puck.nether.net/~jared/  My statements are only mine.
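
The quoted message asks how far an AS_PATH can be trusted when it shows an edge such as _1239_174_ or carries an ASN inserted without its operator's permission. The following check is an added example, not part of the original thread: it audits paths (for instance from a route collector feed) against adjacencies the operator knows to be true. The local ASN 64500, its neighbor set, the prefixes and every sample path are constructed assumptions; only the 1239/174 pair comes from the message.

```python
# Added example: flag AS_PATH adjacencies that contradict known topology.
# All ASNs (except the thread's 1239/174 pair), prefixes and paths are constructed.

MY_ASN = 64500                      # assumed local ASN (documentation range)
MY_NEIGHBORS = {64501, 64502}       # assumed: ASNs we really have sessions with
NO_EDGE = {frozenset((1239, 174))}  # pairs assumed not to interconnect

SAMPLE_ROUTES = [
    ("192.0.2.0/24",    "64510 64501 64500"),              # via a real neighbor
    ("198.51.100.0/24", "64510 1239 174 64511"),           # purported 1239-174 edge
    ("203.0.113.0/24",  "64510 64509 64500 64508"),        # our ASN between strangers
    ("192.0.2.0/24",    "64510 64502 64500 64500 64500"),  # prepending, legitimate
]


def collapse(path):
    """Parse an AS_PATH string and drop consecutive duplicates (prepends)."""
    hops = []
    for asn in map(int, path.split()):
        if not hops or hops[-1] != asn:
            hops.append(asn)
    return hops


def check_path(path):
    """Return the reasons this path contradicts what we know, if any."""
    hops = collapse(path)
    findings = []
    for left, right in zip(hops, hops[1:]):
        if frozenset((left, right)) in NO_EDGE:
            findings.append(f"edge {left}-{right} is known not to exist")
        # Our ASN next to an ASN we have no session with was not put there by us.
        for mine, other in ((left, right), (right, left)):
            if mine == MY_ASN and other not in MY_NEIGHBORS:
                findings.append(f"AS{MY_ASN} adjacent to non-neighbor AS{other}")
    return findings


def audit(routes):
    """Map (prefix, path) to findings for every route with at least one."""
    return {(p, path): f for p, path in routes if (f := check_path(path))}


if __name__ == "__main__":
    for (prefix, path), reasons in audit(SAMPLE_ROUTES).items():
        print(prefix, "|", path, "|", "; ".join(reasons))
```

A finding only says the path disagrees with the operator's own records; the check is as good as the neighbor and no-edge lists it is given.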



