Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Ettiquette and rules regarding Hijacked ASN's or IP space?

  • From: Mr. James W. Laferriere
  • Date: Tue Jun 10 11:41:48 2003

	Hello Kia ,  In line

On Mon, 9 Jun 2003, Kai Schlichting wrote:
> On 6/9/2003 at 4:06 PM, "Christopher L. Morrow" <chris@UU.NET> wrote:
> > Sure, you are announcing and only that, fine, but are you
> > allowed to announce that prefix? Are you "Centre for Monitoring Indian
> > Economy" ?? Or is this your direct customer and you are just the sat-link
> > provider for him?

> Being able to answer such 64,000-dollar-questions with authority is the
> issue ARIN's registry operations are facing, pass or fail. And you can
> take that literally: the recent hijacking events have put ARIN's rules,
> procedures and current registry data so much into question - it'll be
> (do || die) for them. The inherited Internic data going back almost 20
> years doesn't help things. Indeed, I think that any and all legacy
> assignments should be purged, like the old Usenet, one by one. Some
> things that could be done:

> - contact all owners of IP space or ASNs with a demand to show legal,
>  notarized
>   paperwork showing their company's status as incorporated/active, and/or
>   legal successor to the original registrant. Gotta use those 7 years of
>   business records you're required to hold for something!
	Already in progress .  Using DNS lameness as start basis .  I just
	got a note for an old ip-range I had promised the owner I'd keep
	active and forgot about over the years .

> - non-announced IP space with defunct contacts: -> reserved status, no
>   AS may route those, until resolved per above
	How would you go about admonishing hijackers (or what appears as a
	hijacker) OR the provider that has been given a letter of approval
	from the agency that appears to have the lease ?  ... lots more
	questions in this vein ?  For all of the items mentioned below .
	Just one foopah with a blackhole server & NOone is going to remain
	attached to it .  That has been proven over & over again .  If you
	can not implicitely trust the operator(s) of the blackhole(s)
	operators will etierh run their own of ignore the blackholes .

> - non-announced IP space with working contacts: email to POC every
>   30 days with the legal demands (email/paper mail). After 90 days:
>   network set to 'reserved' status, no AS may announce these,
>   until resolved per above.

> - announced IP space: announcing AS to be contacted in addition to POC
>   for the network object. For AS's in violation, this shall mean that
>   all upstream ASs as visible at popular exchange points should be
>   contacted (at least once) as well.

> - announcing AS's that violate the 'do not announce' rule shall be
>   dealt with in ways similar to the non-cooperating entities described in:
> - they will get their own network
>   objects suspended.

> - complete publicly accessible list of all 'reserved' networks - the
>   DNSBLs and private BGP blackhole feeds will do the rest.
>   Wouldn't you want to know how quiet your inbox can be, when you
>   have a BGP4 blackhole feed with SPEWS L1 as the source...
       | James   W.   Laferriere | System    Techniques | Give me VMS     |
       | Network        Engineer |     P.O. Box 854     |  Give me Linux  |
       | | Coudersport PA 16915 |   only  on  AXP |

Discussion Communities

About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home

Merit Network, Inc.