[anti-abuse-wg] 2019-03 Review Phase (Resource Hijacking is a RIPE Policy Violation)
- Previous message (by thread): [anti-abuse-wg] 2019-03 Review Phase (Resource Hijacking is a RIPE Policy Violation)
- Next message (by thread): [anti-abuse-wg] 2019-03 Review Phase (Resource Hijacking is a RIPE Policy Violation)
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Carlos Friaças
cfriacas at fccn.pt
Thu Sep 5 22:21:18 CEST 2019
Hi Suresh, Hank, All, On Thu, 5 Sep 2019, Suresh Ramasubramanian wrote: > Hijacked route announcements can be carefully targeted to just a victim AS for any attack. Yes, they can -- and several cases (as far as i read) were already seen when that was done over an IXP. But that doesn't mean that "hijacked" announcement has to be 100% invisible, e.g. if the victim AS is sharing their routing view with someone else... :-) > If that victim AS holder complains to their national CERT the language > here precludes the CERT from reporting into RIPE. It might, yes (and that's not optimal), but the victim AS folks could also theoretically do it by themselves... > That is a technicality as I can't imagine RIPE would refuse reports > from a CERT, but it is worth fixing. *Today*, is there any way for a CERT (National or not) or any victim AS to do it...? (I know that this is already possible in LACNIC. They have WARP -- <pub> https://warp.lacnic.net </pub>) Cheers, Carlos > On 05/09/19, 8:26 PM, "anti-abuse-wg on behalf of Carlos Friaças via anti-abuse-wg" <anti-abuse-wg-bounces at ripe.net on behalf of anti-abuse-wg at ripe.net> wrote: > > > > On Thu, 5 Sep 2019, Hank Nussbacher wrote: > > > On 05/09/2019 16:23, Marco Schmidt wrote: > > > > "A.3.1. Reporting > > Only persons directly affected by a suspected hijack can report to the RIPE > > NCC that another party has announced resources registered to or used by the > > reporter without their consent. " > > > > This thereby precludes any national CERT from reporting to the RIPE NCC any > > suspected hijacks since they are not directly affected. Can this text be > > modified? > > > Hi Hank, All, > > If a national CERT receives an hijacked route, it *is* affected -- in the > sense their packets will go towards a wrongful destination. > > Not sure if the issue is with "person" vs. "organization", but a person > should be able to report it on behalf of an affected organization... > > Regards, > Carlos > > > > Regards, > > Hank > > > >> Dear colleagues, > >> > >> Policy proposal 2019-03, "Resource Hijacking is a RIPE Policy Violation" is > >> now in the Review Phase. > >> > >> The goal of this proposal is to define that BGP hijacking is not accepted > >> as normal practice within the RIPE NCC service region. > >> > >> The proposal has been updated following the last round of discussion and is > >> now at version v2.0. Some of the changes made to version v1.0 include: > >> - Includes procedural steps for reporting and evaluation of potential > >> hijacks > >> - Provides guidelines for external experts > >> - Adjusted title > >> > >> The RIPE NCC has prepared an impact analysis on this latest proposal > >> version to support the community?s discussion. You can find the full > >> proposal and impact analysis at: > >> https://www.ripe.net/participate/policies/proposals/2019-03 > >> https://www.ripe.net/participate/policies/proposals/2019-03#impact-analysis > >> > >> And the draft documents at: > >> https://www.ripe.net/participate/policies/proposals/2019-03/draft > >> > >> As per the RIPE Policy Development Process (PDP), the purpose of this four > >> week Review Phase is to continue discussion of the proposal, taking the > >> impact analysis into consideration, and to review the full draft RIPE > >> Policy Document. > >> > >> At the end of the Review Phase, the Working Group (WG) Chairs will > >> determine whether the WG has reached rough consensus. It is therefore > >> important to provide your opinion, even if it is simply a restatement of > >> your input from the previous phase. > >> > >> We encourage you to read the proposal, impact analysis and draft document > >> and send any comments to <anti-abuse-wg at ripe.net> before 4 October 2019. > >> > >> > >> Kind regards, > >> > >> Marco Schmidt > >> Policy Officer > >> RIPE NCC > >> > >> > > > > >
- Previous message (by thread): [anti-abuse-wg] 2019-03 Review Phase (Resource Hijacking is a RIPE Policy Violation)
- Next message (by thread): [anti-abuse-wg] 2019-03 Review Phase (Resource Hijacking is a RIPE Policy Violation)
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]