[14015] in North American Network Operators' Group
Advisory - tunneling of IP at exchange points.
daemon@ATHENA.MIT.EDU (Paul Thornton)
Tue Nov 25 10:12:28 1997
Date: Tue, 25 Nov 1997 14:47:22 +0000 (GMT)
From: Paul Thornton <prt@linx.net>
To: nanog@merit.edu
cc: eof@ripe.net, se-gix@sunet.se, mae-east-tech@uu.net, membership@linx.net,
ops@linx.net
-- PLEASE NOTE: If you are replying to this, consider pruning the list
-- of cc's rather than crossposting replies wildly! Thanks.
The LINX and several of its members have recently had to take action
against an ISP that was using GRE tunneling between exchange points
to appropriate the capacity of other ISPs.
Although the offending party is now unlikely to repeat this abuse,
we feel that this is an important vulnerabilty which could
potentially be newly exploited by others elsewhere. We have created
an advisory which describes details of the vulnerability, and how to
detect and prevent it.
This advisory can be found at http://www.linx.net/tunnel-advisory.txt
Any questions are best referred to the authors listed in the
advisory text.
I would like to gratefully acknowledge the efforts of Lyndon
Levesley and Alex Bligh at GX Networks among others in tracking down
the abuse and creating this document.
Keith Mitchell
Chairman
London InterNet Exchange keith@linx.org
Geneva House, 3 Park Road
Peterborough PE1 2UX
United Kingdom
Phone: +44 1733 705000 (fax 353929)
Paul
--
Paul Thornton, Network Engineer, London Internet Exchange Ltd.
Tel: 07000 783797 Mobile: +44 467 372205
