nanog mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Anyone notice strange announcements for 174.128.31.0/24

From: "Michienne Dixon" <mdixon () nkc org>
Date: Wed, 14 Jan 2009 16:52:42 -0600
Well, if you really want to pick knits you are welcome to.  If I meant
prepending, I would have said that. The example that I listed was
setting up a router, advertising the ASNs listed and the random IP
ranges gleaned from IANA.  Sorry if I confused you.


-
Michienne Dixon
Network Administrator
liNKCity
312 Armour Rd.
North Kansas City, MO  64116
www.linkcity.org
(816) 412-7990

-----Original Message-----
From: John Payne [mailto:john () sackheads org] 
Sent: Wednesday, January 14, 2009 3:57 PM
To: Michienne Dixon
Cc: NANOG list
Subject: Re: Anyone notice strange announcements for 174.128.31.0/24


On Jan 14, 2009, at 10:50 AM, Michienne Dixon wrote:



Interesting - So as a cyber criminal - I could setup a router, start 
announcing AS 16733, 18872, and maybe 6966 for good measure and their 
routers would ignore my announcements and IP ranges that I siphoned 
from searching IANA?  Hm...  Would that also prevent them from 
accessing my rogue network from their network?



What do you mean "announcing AS 16733..." ?

Putting 16733 in an AS PATH is not announcing it.






-
Michienne Dixon
Network Administrator
liNKCity
312 Armour Rd.
North Kansas City, MO  64116
www.linkcity.org
(816) 412-7990

-----Original Message-----
From: Simon Lockhart [mailto:simon () slimey org]
Sent: Wednesday, January 14, 2009 2:07 AM
To: Hank Nussbacher
Cc: NANOG list
Subject: Re: Anyone notice strange announcements for 174.128.31.0/24

On Wed Jan 14, 2009 at 09:59:14AM +0200, Hank Nussbacher wrote:

What if, by doing some research experiment, the researcher discovers 
some unknown and latent bug in IOS or JunOS that causes much of the 
Internet to go belly up?  1 in a billion chance, but nonetheless, a 
headsup would have been in order.


Say we had a customer who connected to us over BGP, and they used some



new experimental BGP daemon. Their announcement was "odd" in some way,



but appeared clean to us (a Cisco house). Once their announcement hit 
the a Foundry router, it tickled a bug which caused the router to 
propogate the announcement, but also start to blackhole traffic. Oh 
dear, large chunks of the Internet have just gone belly up.

Should we have given a heads up to the Internet at large that we were 
turning up this customer?

Simon
(Yes, I'm in the minority that thinks that Randy hasn't done anything
bad)
--

Simon Lockhart | * Sun Server Colocation * ADSL * Domain Registration 
*
  Director    |    * Domain & Web Hosting * Internet Consultancy *
 Bogons Ltd   | * http://www.bogons.net/  *  Email: info () bogons net  *
Previous By Date Next
Previous By Thread Next

Current thread: