Home page logo
/

nanog logo nanog mailing list archives

RE: Anyone notice strange announcements for 174.128.31.0/24
From: "Michienne Dixon" <mdixon () nkc org>
Date: Mon, 12 Jan 2009 16:51:05 -0600


The only exception I took with this morning's exercise is that had I
known that Mr. Bush was doing legitimate testing I would have allocated
my time differently.
I would consider this analogous to a customer testing their home alarm
system and not letting the alarm company know about the test.  The alarm
company is going to investigate and I would hope even attempt to call
the customer.  Upon not being able to reach the customer they decide to
err on the side of caution and dispatch someone to investigate.  

As Mr. Bush said, tools can be used for good or bad.  If someone was
using my AS to hijack IP space that belonged someone else, I would want
to know about it. Would that not be akin to using a stolen identity to
commit a crime?

Mr. Bush - I'm not trying to beat a dead horse here.  (Un)fortunately,
you have given a lot of us something to discuss today.  ;)


-
Michienne Dixon
Network Administrator
liNKCity
312 Armour Rd.
North Kansas City, MO  64116
www.linkcity.org
(816) 412-7990

-----Original Message-----
From: Joe Abley [mailto:jabley () hopcount ca] 
Sent: Monday, January 12, 2009 3:52 PM
To: Patrick W. Gilmore
Cc: NANOG list
Subject: Re: Anyone notice strange announcements for 174.128.31.0/24


On 2009-01-12, at 16:16, Patrick W. Gilmore wrote:

People have been doing it forever.  However, it has been considered 
sketchy at best.

This all seems highly subjective. Considered that way by some, sure
(including you, it seems).

In my experience prepending someone else's AS to a prefix has only been
useful operationally only as a short-term, emergency measure (e.g. when
trying to avoid a black-hole between two remote ASes, neither of whom
shows any signs of fixing the problem).

Randy's application, and Lorenzo's before him also seem like short- term
applications designed to explore answering operational questions.

Just because something is generally not used, or even if it's only worth
using in an emergency, doesn't make it "sketchy".

Most knee-jerk reactions to AS_PATH manipulation sound to me like fear
of the unusual.


Joe




  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault