[37077] in North American Network Operators' Group
Re: black hat .cn networks
daemon@ATHENA.MIT.EDU (k claffy)
Mon Apr 30 23:40:53 2001
Date: Mon, 30 Apr 2001 18:01:12 -0700
From: k claffy <kc@ipn.caida.org>
To: Jim Mercer <jim@reptiles.org>
Cc: Dan Hollis <goemon@anime.net>, Roeland Meyer <rmeyer@mhsc.com>,
"'nanog@merit.edu'" <nanog@merit.edu>, dm <dmoore@caida.org>
Message-ID: <20010430180112.A13809@caida.org>
In-Reply-To: <20010430182300.E7384@reptiles.org>; from jim@reptiles.org on Mon, Apr 30, 2001 at 06:23:00PM -0400
On Mon, Apr 30, 2001 at 06:23:00PM -0400, Jim Mercer wrote:
> On Mon, Apr 30, 2001 at 03:11:25PM -0700, Dan Hollis wrote:
> > On Mon, 30 Apr 2001, Roeland Meyer wrote:
> > > How quickly can CN be firewalled anyway?
> >
> > As quickly as you can write route-map filters
> i don't know that it will be that easy.
> surely, not all of china connects through a single AS.
87 ASes registered to china from whois records
(might be more by now, that's from old snapshot)
that doesn't include non-.cn ISPs with
customers in china...
it doesn't strike me as impossible to
write a virus (a la lion)
http://www.nipc.gov/warnings/advisories/2001/01-009.htm
that could trigger to spread infection as soon
as it could tell that no chinese-based ASes
were reachable from it
(get the world to protect china with filters,
then release the toxins...)
so `protecting the Internet from china w AS filters'
information warfare policy
makes me a little nervous
maybe we could just really slow down all traffic headed there
oh wait we already do that
k