RE: [RPSEC] FW: AS 8437 announced a quarter of the net for half of an hour

"Tony Li" <tli@tropos.com> Tue, 15 August 2006 04:07 UTC

Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1GCqCr-0003N5-29; Tue, 15 Aug 2006 00:07:09 -0400
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GCqCq-0003Mu-EJ for rpsec@ietf.org; Tue, 15 Aug 2006 00:07:08 -0400
Received: from iceblock01.troposnetworks.com ([12.108.168.187] helo=iceblock01.tropos.com) by ietf-mx.ietf.org with smtp (Exim 4.43) id 1GCqCp-0006f9-2t for rpsec@ietf.org; Tue, 15 Aug 2006 00:07:08 -0400
Received: (qmail 4311 invoked from network); 15 Aug 2006 04:07:22 -0000
X-Spam-Checker-Version: SpamAssassin 3.1.0 (2005-09-13) on iceblock01
X-Spam-Level:
X-Spam-Status: No, score=-104.2 required=6.0 tests=ALL_TRUSTED,AWL,BAYES_00, USER_IN_WHITELIST autolearn=ham version=3.1.0
Received: from ca-bay-exch-01.tropos.com (192.168.1.49) by iceblock01.tropos.com with SMTP; 15 Aug 2006 04:07:22 -0000
Received: from LIPC ([192.168.1.157]) by ca-bay-exch-01.tropos.com with Microsoft SMTPSVC(6.0.3790.1830); Mon, 14 Aug 2006 21:07:00 -0700
From: "Tony Li" <tli@tropos.com>
To: <curtis@occnc.com>, "'Iljitsch van Beijnum'" <iljitsch@muada.com>
Subject: RE: [RPSEC] FW: AS 8437 announced a quarter of the net for half of an hour
Date: Mon, 14 Aug 2006 21:06:54 -0700
Message-ID: <00a101c6c020$3ec08a50$807d14ac@tropos.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Office Outlook 11
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2962
In-Reply-To: <200608150200.k7F20PnW041703@workhorse.brookfield.occnc.com>
Thread-Index: AcbADa+c6JaaO6juQ7qcQGK1NfmSPwAEjesg
X-OriginalArrivalTime: 15 Aug 2006 04:07:00.0444 (UTC) FILETIME=[41F109C0:01C6C020]
X-Antivirus: Scanned by Tropos Antivirus 1.0.4
X-Spam-Score: 0.1 (/)
X-Scan-Signature: 856eb5f76e7a34990d1d457d8e8e5b7f
Cc: rpsec@ietf.org
X-BeenThere: rpsec@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: tony.li@tony.li
List-Id: Routing Protocol Security Requirements <rpsec.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/rpsec>, <mailto:rpsec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/rpsec>
List-Post: <mailto:rpsec@ietf.org>
List-Help: <mailto:rpsec-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/rpsec>, <mailto:rpsec-request@ietf.org?subject=subscribe>
Errors-To: rpsec-bounces@ietf.org

 

> I think Tony's point is that no one should be accepting these.  Almost
> all cases of bogus routing that has done damage was accidental.  There
> have been some incidents of intentional bogus routes injected as an
> attack that I know of but these are (or used to be) far less common.


Correct.  The difference between these 'mistakes' and an attack is only
one of intent, and a functional security system should render both
ineffective.  

Until we as a community converge and move forward, these little presents
from the Oort cloud will continue.

Tony



_______________________________________________
RPSEC mailing list
RPSEC@ietf.org
https://www1.ietf.org/mailman/listinfo/rpsec