North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Erroneous BGP advertisement

  • From: Dean Anderson
  • Date: Wed Feb 11 14:00:49 1998

At 12:13 PM -0500 2/11/98, Joe  Shaw wrote:
>I thought all responsible parties (like Sprint) filtered their customer
>routes.  I know I can't advertise or leak out anything to MCI or UUNet
>that I havn't registered with them.  I've heard in the past that Sprints
>route acceptance policy was a little on the trusting side, but not
>filtering your customers announcements is just silly.  They (sprint)
>should only allow their customers to advertise their registered IP space
>and stop things like this from happening.

No, the oft heard reason for connecting to Sprint is so that you can
advertise routes for IP space you don't quite own yet, as when trying to
change over a t1 with minimal or no downtime.

Security often comes at the expense of response time, unfortunately.  Trust
is necessary, so it is important for people to be trustworthy, and if they
are not trustworthy, then its important that we have crimminal laws to
apply to them.

I do suggest to the original respondent that he direct his lawyer to look
into 18 USC 1030 and in particular to the penalties for unintentional
damage to a computer engaged in interstate commerce.

If its a mistake, or a hardware failure, there's nothing that can be done.

If its a mistake, and you should have known better, you could get in
trouble. Not as much, but probably enough to make you want to be careful.

If its intentional and malicious, don't be too surprised if they throw the
book at you.


           Plain Aviation, Inc                  [email protected]