[186599] in North American Network Operators' Group
Re: de-peering for security sake
daemon@ATHENA.MIT.EDU (Colin Johnston)
Fri Dec 25 04:50:50 2015
X-Original-To: nanog@nanog.org
From: Colin Johnston <colinj@gt86car.org.uk>
In-Reply-To: <201874.1451004539@turing-police.cc.vt.edu>
Date: Fri, 25 Dec 2015 09:50:45 +0000
To: Valdis.Kletnieks@vt.edu
Cc: NANOG <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org
> On 25 Dec 2015, at 00:48, Valdis.Kletnieks@vt.edu wrote:
>=20
> On Thu, 24 Dec 2015 23:44:10 +0000, Colin Johnston said:
>> We really need to ask if China and Russia for that matter will not =
take abuse
>> reports seriously why allow them to network to the internet ?
>=20
> Well, first off, it isn't like China or Russia are just one ASN. =
You'd have
> to de-peer a bunch of ASN's - and also eliminate any paid transit =
connections.
>=20
> Note that even North Korea has managed to land at least a small =
presence on
> the Internet. Are you going to ban them too?
>=20
> While we're banning countries, how about the country that's known for
> widespread surveillance both foreign and domestic, has one of the =
strongest
> cyber warfare arsenals around, and has been caught multiple times =
diverting and
> backdooring routers sold to foreign countries?
>=20
> Oh wait, that's the US. Maybe we better rethink this?
>=20
> Obviously, there's a lot of organizations that think that being able =
to
> communicate with China and Russia outweighs the security issues. You =
are
> of course welcome to make a list of all Russian and Chinese ASNs and =
block
> their prefixes at your border.
So therefore we must somehow engage and enforce best practice for abuse =
alerts and action issues
Colin
