In message <bd2d7aeac3fa49afa090e4869977d227@BLUPR03MB166.namprd03.prod.outlook .com>, Marsh Ray writes:
From: Christopher Morrow Sent: Wednesday, August 7, 2013 2:06 PM
On Wed, Aug 7, 2013 at 4:59 PM, Marsh Ray <maray@microsoft.com> wrote:
It would be incredibly useful for someone to start a page or a category on Wikipedia "List of Internet Routing and DNS Incidents" that would include both "accidental" and malicious events.
do we really need that?
Have you ever heard of someone using IP addresses as an access control mechanism? (AKA, "IP whitelist")
Yes. I've even had to configure my DHCP client to auto generate requests to get the whitelist updated when my ISP gives my cable modem a new address. They are used all the time to allow access to DNS servers. If fact we ship nameservers where the default setting whitelist particular sets of clients (directly connected) by default.
When I hear about this, I would really *love* to be able to link them to a credible source.
they seem to occur often enough that that isn't really required :(
*I* believe you, but in practice that's not sufficient to convince many other folks. Currently, a section of a page on Wikipedia lists 7 incidents going back to 1997. http://en.wikipedia.org/wiki/IP_hijacking#Public_incidents
Serious question: Do folks here feel that is an accurate representation of this phenomenon in practice?
- Marsh -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: marka@isc.org