|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical RE: BGP-based blackholing/hijacking patented in Australia?
> Bevan Slattery wrote: > Just to ease peoples concerns, the patent has nothing > to do with blackholing. A brief description of the > way it works can be found here: I believe that I am not the only one that is concerned precisely because it is _not_ blackholing, it is hijacking, no matter how legitimate the reason. <me puts the devil's advocate suit on> To say it bluntly, it smells a lot like the illegitimate offspring of an RBL and Verisign's wildcard deal. The phishing con artists redirect the unsuspecting mark to a third-party site, and this stuff also redirects the unsuspecting mark to another page: > Where is the user re-routed to? If an end user is a victim of a scam > and is redirected via the ScamSlam system, then the page they are > redirected to is specified by the agency entering the scam data. D�j� vu: redirect the user's mistakes/stupidity to one's own business. What tells me that the agency is not the back office of the phishing scheme in the first place? Same as spyware: there is anti-spyware out there that deletes all the spyware installed by their competitors and conveniently "forgets" to detect or fix their own. And I also do see good opportunity for joe-jobs here: get some el-cheapo hosting on the hosting server that you want to take down, setup a fake phishing web page, then send phishing email and/or report the dummy phishing to the agency. The IP gets blacklisted and takes down thousands of web sites along with the one that bozo paid $10 one-time for. Gee, it costs less than a movie and popcorn. </me puts the devil's advocate suit on> Oh BTW, good luck trying to blacklist a large zombie pool that collectively hosts the phishing page and individually send their own address and listening port in the phishing email. Why phish on a single IP when one can phish distributed? Anyway, what's the difference with blackholing? The route-map sets the next-hop to a NAT box that dynamically binds the IP addresses contained in the BGP feed (instead of setting the next-hop to a blackhole)? BFD. Trying to patent the wheel is not good for credibility, nor is using the very same stinky methods as the scam artists. Michel.
|