[23707] in North American Network Operators' Group
Re: IRRs
daemon@ATHENA.MIT.EDU (Steve Carter)
Thu Apr 15 05:34:53 1999
Date: Thu, 15 Apr 1999 02:32:45 -0700
From: Steve Carter <scarter@pobox.com>
To: Sean Donelan <SEAN@SDG.DRA.COM>
Cc: nanog@merit.edu
Mail-Followup-To: Sean Donelan <SEAN@SDG.DRA.COM>, nanog@merit.edu
In-Reply-To: <990415032325.3686b@SDG.DRA.COM>; from Sean Donelan on Thu, Apr 15, 1999 at 03:23:25AM -0500
Errors-To: owner-nanog-outgoing@merit.edu
Sean Donelan wrote:
> 192.239.92.47 is announced by NTIS's ASN 10616 via UUNET ASN 701. I could
> not find a valid aut-num object for ASN 10616, and the covering route object
> for 192.239.92.47 was an old SURANET/BBN block for 192.239/16 indicating
> a source AS 1.
This is reasonably typical ...
> The lack of correct current routing registry information for the IRS web
> site doesn't seem to have hurt its connectivity. Other the other hand,
> it also wouldn't hurt the connectivity of someone impersonating the IRS
> web site network route. The rest of the Internet just has to take the
> routes on faith.
Don't let a route being registered in one of the routing registries lull
you into a false sense of security (sic), there is zero to very little
real authentication done on a route registration. It only takes an ounce
(or less) knowledge to register a route as being originated from any AS.
Do I think this is a real problem? It hasn't been so far, probably due to
our cooperative and trusting nature >;). I think it would take quite some
resources and reputation killing stupidity (or malice) to inject 'illegal'
routes and then do something meaningful with them.
-Steve
