On Sat, 28 Sep 1996, Matthew Petach wrote:
I think your letter will raise the awareness of this kind of problem. Of course we all know it's possible, but it's not a problem that we've had to deal with on a malicious level.
? I do assume that there's no doubt the evil-isp is doing this maliciously?
This is the third time they've done this. The first two times we chalked up to ignorance and stupidity.
This time, though, we're not as willing to give them the benefit of the doubt.
I don't believe you. If you were as confident as you say you are that this is an evil ISP you would have just said: Evilnet Inc. is blackholing my routes. I've sent mail to techie@evilnet.inc, bigboss@evilnet.inc and chambermaid@evilnet.inc and nobody returns my mail. I phoned them at 1-888-555-2222 and left voicemail, I faxed them at 1-888-555-1111 and I don't get any response. In this way you accomplish the following: 1) clear identification of the problem, i.e. blackholed routes 2) clear identification of who seems to be causing the problem 3) clear identification of the contact means that you tried and the results or lack thereof obtained. As a result, somebody who happens to know that Joe Bloe is the techie at EvilNet can call Joe at home and say, "Hey Joe, did you know that so-and-so doesn't like what you are doing and can't get a hold of you by email or telephone. Maybe you better fix this...". Or it could be Evilnet's upstream who contacts them. Or somebody could email you Evilnet's secret "human" NOC phone number, or whatever.
We did this last time, in complaining to MCI, their upstream provider, and MCI responded in record time, putting in a temporary filter for those blocks in less than 36 hours.
That helped for about 30 seconds, before we found that they then announced the same blocks through a second connection which hadn't shown up as a path previously when we did a 'show ip bgp 205.158.193.0 255.255.255.0 l'
Trying to solve a social problem with technology often results in this kind of thing.
I miss the older, more democratic days of the net, but it seems the overall level of knowledge and skill is dropping, forcing more and more levels of checks and balances to prevent abuse either through stupidity and ignorance, or malicious intent.
I think you are jumping to conclusions here by assuming it is due to stupidity, ignorance or malicious intent. I strongly suspect that it is due to lack of information and work overload. Lack of information is subtly but significantly different from stupidity and ignorance and you yourself are contributing to Evilnet's lack of information by withholding important information about the problem. Shine the light of day on the problem and it will soon clear up. Throw all the relevant information into the "public" NANOG mailing list pool and numerous avenues for action will open up. Michael Dillon - ISP & Internet Consulting Memra Software Inc. - Fax: +1-604-546-3049 http://www.memra.com - E-mail: michael@memra.com