Home page logo

nanog logo nanog mailing list archives

Re: Anyone notice strange announcements for
From: bmanning () vacation karoshi com
Date: Wed, 14 Jan 2009 15:57:27 +0000

 welcome to the joys of anycast... :)


On Wed, Jan 14, 2009 at 09:50:39AM -0600, Michienne Dixon wrote:

Interesting - So as a cyber criminal - I could setup a router, start
announcing AS 16733, 18872, and maybe 6966 for good measure and their
routers would ignore my announcements and IP ranges that I siphoned from
searching IANA?  Hm...  Would that also prevent them from accessing my
rogue network from their network?

Michienne Dixon
Network Administrator
312 Armour Rd.
North Kansas City, MO  64116
(816) 412-7990

-----Original Message-----
From: Simon Lockhart [mailto:simon () slimey org] 
Sent: Wednesday, January 14, 2009 2:07 AM
To: Hank Nussbacher
Cc: NANOG list
Subject: Re: Anyone notice strange announcements for

On Wed Jan 14, 2009 at 09:59:14AM +0200, Hank Nussbacher wrote:
What if, by doing some research experiment, the researcher discovers 
some unknown and latent bug in IOS or JunOS that causes much of the 
Internet to go belly up?  1 in a billion chance, but nonetheless, a 
headsup would have been in order.

Say we had a customer who connected to us over BGP, and they used some
new experimental BGP daemon. Their announcement was "odd" in some way,
but appeared clean to us (a Cisco house). Once their announcement hit
the a Foundry router, it tickled a bug which caused the router to
propogate the announcement, but also start to blackhole traffic. Oh
dear, large chunks of the Internet have just gone belly up.

Should we have given a heads up to the Internet at large that we were
turning up this customer?

(Yes, I'm in the minority that thinks that Randy hasn't done anything

Simon Lockhart | * Sun Server Colocation * ADSL * Domain Registration *
   Director    |    * Domain & Web Hosting * Internet Consultancy * 
  Bogons Ltd   | * http://www.bogons.net/  *  Email: info () bogons net  * 

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]