RE: BGP-based blackholing/hijacking patented in Australia?
Stephen J. Wilcox wrote: This is not IP hijacking by any means,
Mmmm. What tells you that these routes won't be announced to peers or won't leak? We are not supposed to see announcements for bogons nor for RFC1918 space, but we do.
Thinking about it, I agree that "hijacking" is not the proper term though as it is generally understood as announcing/using a netblock that belongs to an entity long gone (preferably from the swamp, so one can try to modify everything possible in whois info and claim ownership) or is un-allocated.
Would this be "kidnapping"?
This is to blacklisting what wildcarding is to NXDOMAIN. If the domain does not exist, you get an error not the web page you get when it's wildcarded. If the IP is blackholed, you get an error not the web page you get when it's kidnapped.
Michel.
On Fri, 13 Aug 2004, Michel Py wrote:
Stephen J. Wilcox wrote: This is not IP hijacking by any means,
Mmmm. What tells you that these routes won't be announced to peers or won't leak? We are not supposed to see announcements for bogons nor for RFC1918 space, but we do.
Thinking about it, I agree that "hijacking" is not the proper term though as it is generally understood as announcing/using a netblock that belongs to an entity long gone (preferably from the swamp, so one can try to modify everything possible in whois info and claim ownership) or is un-allocated.
Would this be "kidnapping"?
Hmm, I think it's about scope, if you pretend to be another company or announce their space it's hijacking, if you don't accept routes internally or modify routes internally then it's not hijacking. And yes, anyone leaking these routes is thus doing something wrong (as they are with bogons etc).
This is to blacklisting what wildcarding is to NXDOMAIN. If the domain does not exist, you get an error not the web page you get when it's wildcarded. If the IP is blackholed, you get an error not the web page you get when it's kidnapped.
Transparent caching has done this for a long time, the difference is it only works on traffic passing through the adjacent router, with this you can pull traffic from all over your network back to a single cache.
Steve
participants (2)
- Michel Py
- Stephen J. Wilcox