[164881] in North American Network Operators' Group
Re: questions regarding prefix hijacking
daemon@ATHENA.MIT.EDU (Alexander Neilson)
Wed Aug 7 18:01:59 2013
From: Alexander Neilson <alexander@neilson.net.nz>
Date: Thu, 8 Aug 2013 09:55:11 +1200
To: nanog@nanog.org
In-Reply-To: <bd2d7aeac3fa49afa090e4869977d227@BLUPR03MB166.namprd03.prod.outlook.com>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
--Apple-Mail=_983226D1-C0C7-4355-9033-C8253C98E266
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain;
charset=us-ascii
Regards
Alexander
Alexander Neilson
Neilson Productions Limited
alexander@neilson.net.nz
021 329 681
022 456 2326
On 8/08/2013, at 9:47 AM, Marsh Ray <maray@microsoft.com> wrote:
>> From: Christopher Morrow
>> Sent: Wednesday, August 7, 2013 2:06 PM
>>=20
>> On Wed, Aug 7, 2013 at 4:59 PM, Marsh Ray <maray@microsoft.com> =
wrote:
>>>=20
>>> It would be incredibly useful for someone to start a page or a =
category on
>> Wikipedia "List of Internet Routing and DNS Incidents" that would =
include
>> both "accidental" and malicious events.
I would see there being a problem with Wikipedia trying to categorise =
some of them as accidental / malicious. I think if it was done it would =
have to be list where ones that were publicly announced as accidental =
would be listed as accidents and the rest left un noted to comply with =
neutral point of view and verification.
>>=20
>> do we really need that?
>=20
> Have you ever heard of someone using IP addresses as an access control =
mechanism? (AKA, "IP whitelist")
>=20
> When I hear about this, I would really *love* to be able to link them =
to a credible source.
>=20
>> they seem to occur often enough that that isn't really required :(
>=20
> *I* believe you, but in practice that's not sufficient to convince =
many other folks.
> Currently, a section of a page on Wikipedia lists 7 incidents going =
back to 1997.
> http://en.wikipedia.org/wiki/IP_hijacking#Public_incidents
>=20
> Serious question: Do folks here feel that is an accurate =
representation of this phenomenon in practice?
I would tend to say as it lists BGPmon.net as an external link thats a =
good resource for finding out about other ones that have happened. Also =
maybe that section should be renamed notable incidents and just have it =
as a sample of some of these incidents.
>=20
> - Marsh
>=20
>=20
--Apple-Mail=_983226D1-C0C7-4355-9033-C8253C98E266
Content-Disposition: attachment;
filename=smime.p7s
Content-Type: application/pkcs7-signature;
name=smime.p7s
Content-Transfer-Encoding: base64
MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIMjTCCBjQw
ggQcoAMCAQICAR4wDQYJKoZIhvcNAQEFBQAwfTELMAkGA1UEBhMCSUwxFjAUBgNVBAoTDVN0YXJ0
Q29tIEx0ZC4xKzApBgNVBAsTIlNlY3VyZSBEaWdpdGFsIENlcnRpZmljYXRlIFNpZ25pbmcxKTAn
BgNVBAMTIFN0YXJ0Q29tIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA3MTAyNDIxMDE1NVoX
DTE3MTAyNDIxMDE1NVowgYwxCzAJBgNVBAYTAklMMRYwFAYDVQQKEw1TdGFydENvbSBMdGQuMSsw
KQYDVQQLEyJTZWN1cmUgRGlnaXRhbCBDZXJ0aWZpY2F0ZSBTaWduaW5nMTgwNgYDVQQDEy9TdGFy
dENvbSBDbGFzcyAxIFByaW1hcnkgSW50ZXJtZWRpYXRlIENsaWVudCBDQTCCASIwDQYJKoZIhvcN
AQEBBQADggEPADCCAQoCggEBAMcJg8zOLdgasSmkLhOrlr6KMoOMpohBllVHrdRvEg/q6r8jR+EK
75xCGhR8ToREoqe7zM9/UnC6TS2y9UKTpT1v7RSMzR0t6ndl0TWBuUr/UXBhPk+Kmy7bI4yW4urC
+y7P3/1/X7U8ocb8VpH/Clt+4iq7nirMcNh6qJR+xjOhV+VHzQMALuGYn5KZmc1NbJQYclsGkDxD
z2UbFqE2+6vIZoL+jb9x4Pa5gNf1TwSDkOkikZB1xtB4ZqtXThaABSONdfmv/Z1pua3FYxnCFmdr
/+N2JLKutIxMYqQOJebr/f/h5t95m4JgrM3Y/w7YX9d7YAL9jvN4SydHsU6n65cCAwEAAaOCAa0w
ggGpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBRTcu2SnODaywFc
fH6WNU7y1LhRgjAfBgNVHSMEGDAWgBROC+8apEBbpRdphzDKNGhD0EGu8jBmBggrBgEFBQcBAQRa
MFgwJwYIKwYBBQUHMAGGG2h0dHA6Ly9vY3NwLnN0YXJ0c3NsLmNvbS9jYTAtBggrBgEFBQcwAoYh
aHR0cDovL3d3dy5zdGFydHNzbC5jb20vc2ZzY2EuY3J0MFsGA1UdHwRUMFIwJ6AloCOGIWh0dHA6
Ly93d3cuc3RhcnRzc2wuY29tL3Nmc2NhLmNybDAnoCWgI4YhaHR0cDovL2NybC5zdGFydHNzbC5j
b20vc2ZzY2EuY3JsMIGABgNVHSAEeTB3MHUGCysGAQQBgbU3AQIBMGYwLgYIKwYBBQUHAgEWImh0
dHA6Ly93d3cuc3RhcnRzc2wuY29tL3BvbGljeS5wZGYwNAYIKwYBBQUHAgEWKGh0dHA6Ly93d3cu
c3RhcnRzc2wuY29tL2ludGVybWVkaWF0ZS5wZGYwDQYJKoZIhvcNAQEFBQADggIBAAqDCH14qywG
XLhjjF6uHLkjd02hcdh9hrw+VUsv+q1eeQWB21jWj3kJ96AUlPCoEGZ/ynJNScWy6QMVQjbbMXlt
UfO4n4bGGdKo3awPWp61tjAFgraLJgDk+DsSvUD6EowjMTNx25GQgyYJ5RPIzKKR9tQW8gGK+2+R
HxkUCTbYFnL6kl8Ch507rUdPPipJ9CgJFws3kDS3gOS5WFMxcjO5DwKfKSETEPrHh7p5shuuNktv
sv6hxHTLhiMKX893gxdT3XLS9OKmCv87vkINQcNEcIIoFWbP9HORz9v3vQwR4e3ksLc2JZOAFK+s
sS5XMEoznzpihEP0PLc4dCBYjbvSD7kxgDwZ+Aj8Q9PkbvE9sIPP7ON0fz095HdThKjiVJe6vofq
+n6b1NBc8XdrQvBmunwxD5nvtTW4vtN6VY7mUCmxsCieuoBJ9OlqmsVWQvifIYf40dJPZkk9YgGT
zWLpXDSfLSplbY2LL9C9U0ptvjcDjefLTvqSFc7tw1sEhF0n/qpA2r0GpvkLRDmcSwVyPvmjFBGq
Up/pNy8ZuPGQmHwFi2/14+xeSUDG2bwnsYJQG2EdJCB6luQ57GEnTA/yKZSTKI8dDQa8Sd3zfXb1
9mOgSF0bBdXbuKhEpuP9wirslFe6fQ1t5j5R0xi72MZ8ikMu1RQZKCyDbMwazlHiMIIGUTCCBTmg
AwIBAgIDBnbbMA0GCSqGSIb3DQEBBQUAMIGMMQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRD
b20gTHRkLjErMCkGA1UECxMiU2VjdXJlIERpZ2l0YWwgQ2VydGlmaWNhdGUgU2lnbmluZzE4MDYG
A1UEAxMvU3RhcnRDb20gQ2xhc3MgMSBQcmltYXJ5IEludGVybWVkaWF0ZSBDbGllbnQgQ0EwHhcN
MTMwNDIzMTMyMzI5WhcNMTQwNDI0MDY0OTM4WjBnMRkwFwYDVQQNExBqQ3ZsN3JxSGNPS0Q2V255
MSEwHwYDVQQDDBhhbGV4YW5kZXJAbmVpbHNvbi5uZXQubnoxJzAlBgkqhkiG9w0BCQEWGGFsZXhh
bmRlckBuZWlsc29uLm5ldC5uejCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALcsdJqX
uSojenXJTW7Kmcgg9+Z506PmnL7Qnl5vEltX5AyCpGW4tGndk2RTNzk/PEQFFs2VxLrG2bXXr5Ja
b4g5dkOYTUi+FU/2JKcXWswg4kZiiqsYdARpmeeYhUgoK0dTiEx86gQYF7CanmIZzGdtwdeNg4qw
BZiFLMBYIQgdy0otj+XKdJ3uOcQ4jF8DUyzLKdPiVVA8XSLnmMWsuIUAQC6AQZNDDlZk2bUV3aGl
r5mySUyOQX6YwsC4TpXX4PwAteFrMWigXDplshBgMOfE09OMcYMNsN9AxKqHSi1bbqrreHcKY6fR
5IK45wgBd0iBdb/ljy5DOgG/eMTpTPcCAwEAAaOCAt4wggLaMAkGA1UdEwQCMAAwCwYDVR0PBAQD
AgSwMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDBDAdBgNVHQ4EFgQU0JERagE1YY65jWho
rEWjriTjLC4wHwYDVR0jBBgwFoAUU3Ltkpzg2ssBXHx+ljVO8tS4UYIwIwYDVR0RBBwwGoEYYWxl
eGFuZGVyQG5laWxzb24ubmV0Lm56MIIBTAYDVR0gBIIBQzCCAT8wggE7BgsrBgEEAYG1NwECAzCC
ASowLgYIKwYBBQUHAgEWImh0dHA6Ly93d3cuc3RhcnRzc2wuY29tL3BvbGljeS5wZGYwgfcGCCsG
AQUFBwICMIHqMCcWIFN0YXJ0Q29tIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MAMCAQEagb5UaGlz
IGNlcnRpZmljYXRlIHdhcyBpc3N1ZWQgYWNjb3JkaW5nIHRvIHRoZSBDbGFzcyAxIFZhbGlkYXRp
b24gcmVxdWlyZW1lbnRzIG9mIHRoZSBTdGFydENvbSBDQSBwb2xpY3ksIHJlbGlhbmNlIG9ubHkg
Zm9yIHRoZSBpbnRlbmRlZCBwdXJwb3NlIGluIGNvbXBsaWFuY2Ugb2YgdGhlIHJlbHlpbmcgcGFy
dHkgb2JsaWdhdGlvbnMuMDYGA1UdHwQvMC0wK6ApoCeGJWh0dHA6Ly9jcmwuc3RhcnRzc2wuY29t
L2NydHUxLWNybC5jcmwwgY4GCCsGAQUFBwEBBIGBMH8wOQYIKwYBBQUHMAGGLWh0dHA6Ly9vY3Nw
LnN0YXJ0c3NsLmNvbS9zdWIvY2xhc3MxL2NsaWVudC9jYTBCBggrBgEFBQcwAoY2aHR0cDovL2Fp
YS5zdGFydHNzbC5jb20vY2VydHMvc3ViLmNsYXNzMS5jbGllbnQuY2EuY3J0MCMGA1UdEgQcMBqG
GGh0dHA6Ly93d3cuc3RhcnRzc2wuY29tLzANBgkqhkiG9w0BAQUFAAOCAQEAiZrIUhbVTrGmKyi3
smCFPKpHz1lSLvA8khtIaYwKPdXg4/qpHiOnoH+/PTKN4LHBlist1gOG4IPworG+cvWc8pgBrQcq
MzY+m8MkbVq0eN4VEmyvV1PKoMqgUMoM+ysRHoqfq9hihyLTTN/3MVPK0dIZ3r89HPcOu1hzGZ+e
sJuicQjKTibiLOXcJIGRKU1Dg3s0FFP4m6UYSHG+UEeO2LkOK+qWlV27NL3CFCAcF4fQiuRj0JXI
XH2briJaRTQbX2lh/FFhWlmskgCky0/o/erqIpxpw2WSGuslMZQ6MSpX0AHqYsqZm9zcQuDHLJ5w
C8jqb0RrLw+8t4Xkqzw2qjGCA28wggNrAgEBMIGUMIGMMQswCQYDVQQGEwJJTDEWMBQGA1UEChMN
U3RhcnRDb20gTHRkLjErMCkGA1UECxMiU2VjdXJlIERpZ2l0YWwgQ2VydGlmaWNhdGUgU2lnbmlu
ZzE4MDYGA1UEAxMvU3RhcnRDb20gQ2xhc3MgMSBQcmltYXJ5IEludGVybWVkaWF0ZSBDbGllbnQg
Q0ECAwZ22zAJBgUrDgMCGgUAoIIBrzAYBgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3
DQEJBTEPFw0xMzA4MDcyMTU1MTJaMCMGCSqGSIb3DQEJBDEWBBSe5ufKLHBrlPqyXvVzXQZgqtZd
3zCBpQYJKwYBBAGCNxAEMYGXMIGUMIGMMQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRDb20g
THRkLjErMCkGA1UECxMiU2VjdXJlIERpZ2l0YWwgQ2VydGlmaWNhdGUgU2lnbmluZzE4MDYGA1UE
AxMvU3RhcnRDb20gQ2xhc3MgMSBQcmltYXJ5IEludGVybWVkaWF0ZSBDbGllbnQgQ0ECAwZ22zCB
pwYLKoZIhvcNAQkQAgsxgZeggZQwgYwxCzAJBgNVBAYTAklMMRYwFAYDVQQKEw1TdGFydENvbSBM
dGQuMSswKQYDVQQLEyJTZWN1cmUgRGlnaXRhbCBDZXJ0aWZpY2F0ZSBTaWduaW5nMTgwNgYDVQQD
Ey9TdGFydENvbSBDbGFzcyAxIFByaW1hcnkgSW50ZXJtZWRpYXRlIENsaWVudCBDQQIDBnbbMA0G
CSqGSIb3DQEBAQUABIIBAAeucOwtRzewj0xhQGAjTXbUy5q4GD6NXxDRczZ9e9vrwS5Rc8lNJfOq
qzIGCM1gOwxfj52FphESmz9LLXiEgWVfBZ51ifJuD8xaEESLO/PD+pdOx9M5gCUH5ZF8WvVu+Du/
bXoDTNgt+N5zIxElUz1D3f0gtgQrJqg8bk9xrIxLGQV/gWNlk1mvXUAOeLEPPRpNxvG7fRUAz35i
f42KxCiDofeVqYrKHkuzcdRdhg1G6MBlA5xN9AXsveCKXeIv+xT8zQx9o9eynYSTxn44jxRQNb7u
j2Ax3VYeK2L9O0la/qYzx/R/Njq+1BQ9xtDKAX+g9ODNSzFW7Xn/65FIatwAAAAAAAA=
--Apple-Mail=_983226D1-C0C7-4355-9033-C8253C98E266--
