[164863] in North American Network Operators' Group
Re: questions regarding prefix hijacking
daemon@ATHENA.MIT.EDU (Paul Ferguson)
Wed Aug 7 04:40:46 2013
In-Reply-To: <CAJx5YvFPgJwM_hSVdPhEAc3oOjyiNLGNCi=Zo=pX_WPB8UnwHA@mail.gmail.com>
Date: Wed, 7 Aug 2013 01:40:34 -0700
From: Paul Ferguson <fergdawgster@gmail.com>
To: Martin T <m4rtntns@gmail.com>
Cc: "nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
Unfortunately, it is way too easy for people to inject routes into the
global routing system.
I think most of the folks on the list can attest to that. :-)
- ferg
On Wed, Aug 7, 2013 at 1:20 AM, Martin T <m4rtntns@gmail.com> wrote:
> Hi,
>
> as probably many of you know, it's possible to create a "route" object
> to RIPE database for an address space which is allocated outside the
> RIPE region using the RIPE-NCC-RPSL-MNT maintainer object. For example
> an address space is from APNIC or ARIN region and AS is from RIPE
> region. For example a LIR in RIPE region creates a "route" object to
> RIPE database for 157.166.266.0/24(used by Turner Broadcasting System)
> prefix without having written permission from Turner Broadcasting
> System and as this LIR uses up-link providers who create prefix
> filters automatically according to RADb database entries, this ISP is
> soon able to announce this 157.166.266.0/24 prefix to Internet. This
> should disturb the availability of the real 157.166.266.0/24 network
> on Internet? Has there been such situations in history? Isn't there a
> method against such hijacking? Or have I misunderstood something and
> this isn't possible?
>
>
> regards,
> Martin
>
--
"Fergie", a.k.a. Paul Ferguson
fergdawgster(at)gmail.com
