Alex Pilosov wrote: > Oh yeah, d'oh! Thanks for correction. But that is also an important point > against PHAS and IRRPT filtering - they are powerless against truly > malicious hijacker (one that would register route in IRR, add the > right origin-as to AS-SET, and use correct origin).
With a decent LIR DB (like the RIPE DB) this is only possible if an hijacker breaks the authentication of the according database objects which is a pain in the a** _if_ the objects use a proper authentication scheme like PGP. -- Arnd
