[149284] in North American Network Operators' Group
Re: [#135346] Unauthorized BGP Announcements (follow up to Hijacked
daemon@ATHENA.MIT.EDU (George Herbert)
Tue Jan 31 21:25:55 2012
In-Reply-To: <65E48EB1-A51C-4C70-9629-CD7477D6877B@delong.com>
Date: Tue, 31 Jan 2012 18:25:06 -0800
From: George Herbert <george.herbert@gmail.com>
To: Owen DeLong <owen@delong.com>
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Tue, Jan 31, 2012 at 6:03 PM, Owen DeLong <owen@delong.com> wrote:
>
> On Jan 31, 2012, at 5:52 PM, Mark Andrews wrote:
>
>>
>> In message <7B85F9D8-BA9E-4341-9242-5EB514895B4C@virtualized.org>, David=
Conrad
>> writes:
>>>> I hope none of you ever get hijacked by a spammer housed at Phoenix =
=3D
>>> NAP. =A0:)
>>>
>>> In the dim past, I had a somewhat similar situation:
>>>
>>> - A largish (national telco of a small country) ISP started announcing =
=3D
>>> address space a customer of theirs provided. =A0Unfortunately, the addr=
ess =3D
>>> space wasn't the ISP's customer's to provide.
>>> - When the ISP was notified by both their RIR and the organization to =
=3D
>>> which the address space was rightfully delegated, the ISP's response =
=3D
>>> was:
>>>
>>> "We have a contractual relationship with our customer to announce that =
=3D
>>> space. =A0We have neither a contractual relationship (in this context) =
=3D
>>> with the RIR nor the RIR's customer. =A0The RIR and/or the RIR's custom=
er =3D
>>> should resolve this issue with our customer."
>>>
>>> It as an eye-opening experience.
>>>
>>> Regards,
>>> -drc
>>
>> And if I have a contract to commit murder that doesn't mean that
>> it is right nor legal. =A0A contract can't get you out of dealing
>> with the law of the land and in most place in the world "aiding and
>> abetting" is illegal.
>>
>> Mark
>> --
>> Mark Andrews, ISC
>> 1 Seymour St., Dundas Valley, NSW 2117, Australia
>> PHONE: +61 2 9871 4742 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 INTERNET: marka@i=
sc.org
>
> Not to put a damper on things, but, is there actually any law that preclu=
des use of integers as internet addresses contrary to the registration data=
contained in RIR databases?
>
> I can see how a case might be made for tortious interference, but I think=
it's quite nebulous and I believe a civil matter at best. IANAL, but, I ac=
tually wonder if there is any way to construe the behavior in question as c=
riminal and if so, under what statute(s).
>
> Owen
>
>
An interesting thought experiment series:
Imagine that instead of joe-random-small-ISP, this was Tier-1 ISP
customer space being hijacked.
Imagine that instead of Tier-1 customer, it was Tier-1 core services
(www.company, etc).
Imagine that instead of Tier-1 core services, it was the blocks
www.apple.com/iTunes or www.google.com lived in.
Imagine that instead of www.google.com, it was www.whitehouse.gov
At some point, I suspect that this gets service to get it fixed RIGHT
NOW. At some point, the guys informing you it's RIGHT NOW show up
with badges.
The question is, when is it badges? It can be construed as a denial
of service attack on the addresses' rightful owners. They will
respond to any major government site being hijacked. Probably to
Apple or Google. Likely to a Tier-1 ISPs internal infrastructure.
That they probably won't to the current situation is a matter of
failure of the system to scale, not that the ethics, morality, or
legality of the situation are any different now than
www.whitehouse.gov going poof.
IMHO.
--=20
-george william herbert
george.herbert@gmail.com
