[31321] in North American Network Operators' Group
Re: S-BGP (some operational content)
daemon@ATHENA.MIT.EDU (Majdi S. Abbas)
Tue Sep 19 18:12:55 2000
Date: Tue, 19 Sep 2000 15:24:20 -0700
From: "Majdi S. Abbas" <msa@samurai.sfo.dead-dog.com>
To: Dave McKay <dave@sneakerz.org>
Cc: batz <batsy@vapour.net>, Timothy Brown <tcb@ga.prestige.net>,
nanog@merit.edu
Message-ID: <20000919152420.A12427@samurai.sfo.dead-dog.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20000919150353.A99742@sneakerz.org>; from dave@sneakerz.org on Tue, Sep 19, 2000 at 03:03:53PM -0500
Errors-To: owner-nanog-outgoing@merit.edu
On Tue, Sep 19, 2000 at 03:03:53PM -0500, Dave McKay wrote:
> Have you every noticed there aren't a whole lot of major IRC servers on
> cw.net? (I said not a whole lot, not none.) There is a reason for this,
> cw.net's filtering leaves something to be desired, you can advertise almost
> any AS to them and they will accept it. This could be used for DoS quiet
> easily and has been for sometime now. Blackhole attacks. But who wants to
> advertise an entire AS? If you peer with cw.net or most anyone for that
> matter you can advertise a nice little /25 on their network creating a
> blackhole for the amount of time you need it. This is one of the most common
> attacks there are. Major backbones will give major customers full routing
> and advertisements across their networks. (I've seen it happen, and still
> have it happen.)
Anyone who peers with a tier 1, particularly other tier 1s, is
not easily filter. I know for a fact (having done recent turnups) that
they do filter per-prefix on their downstream customers running BGP.
--msa
