Home page logo
/

nanog logo nanog mailing list archives

Regarding Hijacked Networks
From: John Curran <jcurran () arin net>
Date: Fri, 3 Feb 2012 02:02:01 +0000

On Jan 31, 2012, at 9:03 PM, Owen DeLong wrote:

Not to put a damper on things, but, is there actually any law that precludes use of integers as internet addresses 
contrary to the registration data contained in RIR databases?

ARIN spends a bit of time on these types of questions.

The right to exclusive use a particular block Internet addresses is 
indeed provided by contract with ARIN, but the context is within the 
registration system itself.  We are not aware of any law in ARIN's 
service region which would preclude other parties from configuring 
equipment with any numbers they wish.  Note also - if someone thinks 
that they have a right of exclusive use of a particular block Internet 
addresses because of convictions that the addresses themselves are 
"property" (whatever that means), the outcome still doesn't change;
i.e. there is still no law or regulation as best we can determine 
which prevents someone from configuring their own equipment with 
any particular block of IP addresses... (and I would advise some
very careful thought before advocating that such be changed.[*])

In the end, the registry simple reflects a set of numbers managed for 
uniqueness by the policies set by the community.  Since the Internet 
relies on unique host identifiers, it's a pretty useful database, but 
that usefulness is predicated on people actually making use of it...
One would think that ISP's wouldn't accept routes accept from the 
parties not listed on an address block, but that is not universally 
the case, and correcting that other than at the point of injection
is rather problematic unless we have some relatively easy way to 
build, propagate, and verify routing assertions by the address 
holder (e.g. RPKI, as noted by Danny and Randy)

ARIN is slowly but steadily working on getting RPKI rolled out in 
production this year... folks interested in gaining some hands-on 
RPKI experience in the meantime can participate in ARIN's RPKI Pilot;
we have more than 50 organizations participating at this time - 
<https://www.arin.net/resources/rpki.html>

FYI,
/John

John Curran
President and CEO
ARIN

p.s.  [*] As previously noted in this discussion, address blocks may
      sometimes be hijacked based on acts that _are_ violation of law 
      (e.g fraud), but the mechanisms for dealing with such are quite 
      slow by default (at least in the US.)  That doesn't mean that 
      they can't work faster, but only that timeliness increases when 
      there are numerous harmed parties are plainly evident to the law 
      enforcement folks.  Given the potential impact from abuse or even 
      human error for any orders affecting the Internet, the delay may 
      even be an important feature of the present system.




  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault