Re: Lawsuits for falsyfying DNS responses ?

On 2016-09-13 03:42, LHC wrote: > I believe that the CRTC has rules against censorship - meaning that > Videotron, Bell etcetera have a choice between following the CRTC code or the > provincial law (following one = sanctions from the other), rendering internet > service provision to Québec

Re: "Defensive" BGP hijacking?

On 13/09/2016 23:22, Blake Hudson wrote: > Ca By wrote on 9/13/2016 2:53 PM: >> On Tuesday, September 13, 2016, Bryant Townsend >> wrote: >> >> Tip to the RIR policy folks, you may want to make this point very >> crisp. A >> BGP ASN is the fundamental accountability

Re: "Defensive" BGP hijacking?

On Tuesday, September 13, 2016, Doug Montgomery wrote: > If only there were a global system, with consistent and verifiable security > properties, to permit address holders to declare the set of AS's authorized > to announce their prefixes, and routers anywhere on the

Re: "Defensive" BGP hijacking?

If only there were a global system, with consistent and verifiable security properties, to permit address holders to declare the set of AS's authorized to announce their prefixes, and routers anywhere on the Internet to independently verify the corresponding validity of received announcements.

Re: Lawsuits for falsyfying DNS responses ?

When worded this way in a legal context, I’m pretty sure it is equivalent. That is “may not” means “is not allowed to”. Owen > On Sep 13, 2016, at 8:29 AM, Alain Hebert wrote: > >Well "may" is not "must". > > “260.34. An Internet service provider may not give access

Re: Akamai Edgescape query

I do? Drop us a note with your request to peer...@akamai.com and we're happy to see if we can accommodate. Best, -M< AS 20940 / AS 32787 On Tue, Sep 13, 2016 at 3:42 AM, Janusz Jezowicz wrote: > Hello, > > We are doing some network research to various cloud/CDNs

Re: "Defensive" BGP hijacking?

@Blake - I think you misinterpreted my remarks of how this experience will shape the future company policy. I meant to portray that the company will not use these tactics again and that any future threats will be handled differently.

Re: "Defensive" BGP hijacking?

--- h...@slabnet.com wrote: On Tue 2016-Sep-13 13:32:56 -0700, Scott Weeks wrote: >--- bry...@backconnect.com wrote: >From: Bryant Townsend >@ca & Matt - No, we do not plan to ever intentionally perform a >non-authorized BGP hijack in the

Re: "Defensive" BGP hijacking?

On Tue 2016-Sep-13 13:32:56 -0700, Scott Weeks wrote: --- bry...@backconnect.com wrote: From: Bryant Townsend @ca & Matt - No, we do not plan to ever intentionally perform a non-authorized BGP hijack in the future.

Re: "Defensive" BGP hijacking?

--- bry...@backconnect.com wrote: From: Bryant Townsend @ca & Matt - No, we do not plan to ever intentionally perform a non-authorized BGP hijack in the future. Bryant, Who was the upstream provider? scott

Re: "Defensive" BGP hijacking?

Ca By wrote on 9/13/2016 2:53 PM: On Tuesday, September 13, 2016, Bryant Townsend wrote: @ca & Matt - No, we do not plan to ever intentionally perform a non-authorized BGP hijack in the future. Great answer. Thanks. Committing to pursuing a policy of weaponizing BGP

Re: "Defensive" BGP hijacking?

On Tuesday, September 13, 2016, Bryant Townsend wrote: > @ca & Matt - No, we do not plan to ever intentionally perform a > non-authorized BGP hijack in the future. > > Great answer. Thanks. Committing to pursuing a policy of weaponizing BGP would have triggered a

Re: "Defensive" BGP hijacking?

@ca & Matt - No, we do not plan to ever intentionally perform a non-authorized BGP hijack in the future. @Steve - Correct, the attack had already been mitigated. The decision to hijack the attackers IP space was to deal with their threats, which if carried through could have potentially lead to

Re: "Defensive" BGP hijacking?

On Tue, Sep 13, 2016 at 10:25 AM Bryant Townsend wrote: > I also wanted to let Hugo (who started the thread) know > that we harbor no hard feelings about bringing this topic up, as it is > relevant to the community and does warrant discussion. Hugo, you may owe me > a

Re: "Defensive" BGP hijacking?

Blake, I concur that these are key questions. Probably _the_ key questions. The fabric of the Internet is today based on trust, and BGP's integrity is the core of that trust. I realize that BGP hijacking is not uncommon. However, this is the first time I've seen in it used defensively. I

Re: "Defensive" BGP hijacking?

> On Sep 13, 2016, at 12:22 AM, Bryant Townsend wrote: > > *Events that caused us to perform the BGP hijack*: After the DDoS attacks > subsided, the attackers started to harass us by calling in using spoofed > phone numbers. Curious to what this was all about, we fielded

Re: "Defensive" BGP hijacking?

Bryant Townsend wrote on 9/13/2016 2:22 AM: This was the point where I decided I needed to go on the offensive to protect myself, my partner, visiting family, and my employees. The actions proved to be extremely effective, as all forms of harassment and threats from the attackers immediately

Re: "Defensive" BGP hijacking?

What would you have done if the personal harassment didn't stop? What would you have done if they simply switched to a new source range/different set of bots? Seems like a very slippery slope to me. Spencer Ryan | Senior Systems Administrator | sr...@arbor.net Arbor

Re: "Defensive" BGP hijacking?

+1 to this question. Bryant, thanks for giving us your side of this story. Matt Freitag Network Engineer I Information Technology Michigan Technological University (906) 487-3696 <%28906%29%20487-3696> https://www.mtu.edu/ https://www.it.mtu.edu/ On Tue, Sep 13, 2016 at 12:22 PM, Ca By

Re: Lawsuits for falsyfying DNS responses ?

On Tue, 13 Sep 2016 08:29:25 -0400, Alain Hebert said: > Well "may" is not "must". > > “260.34. An Internet service provider may not give access to an online > gambling site whose operation is not authorized under Québec law. Note that most legal jurisdictions don't include RFC2119 as part

Re: "Defensive" BGP hijacking?

On Tuesday, September 13, 2016, Bryant Townsend wrote: > Hello Everyone, > > > I would like to give as much insight as I can in regards to the BGP hijack > being discussed in this thread. I won’t be going into specific details of > the attack, but we do plan to release

Re: Lawsuits for falsyfying DNS responses ?

I believe that the CRTC has rules against censorship - meaning that Videotron, Bell etcetera have a choice between following the CRTC code or the provincial law (following one = sanctions from the other), rendering internet service provision to Québec impossible without being a dialup provider

Re: "Defensive" BGP hijacking?

Hello Everyone, I would like to give as much insight as I can in regards to the BGP hijack being discussed in this thread. I won’t be going into specific details of the attack, but we do plan to release more information on our website when we are able to. I also wanted to let Hugo (who started

Re: Lawsuits for falsyfying DNS responses ?

In article you write: >Canada's Anti-Spam Legislation has specific sections that makes altering >of data illegal under the Act. > >In my non-lawyer opinion, sections 10 (5) (b) and (e) would be violated >by hijacking someone preference to go to

Re: Lawsuits for falsyfying DNS responses ?

Jean-Francois, Canada's Anti-Spam Legislation has specific sections that makes altering of data illegal under the Act. In my non-lawyer opinion, sections 10 (5) (b) and (e) would be violated by hijacking someone preference to go to Website A and replace it with Website B without their

Re: "Defensive" BGP hijacking?

Redirecting someone's traffic, with out there permission or a court order, by a court in your jurisdiction, not a lot different then the "bad guys" themselves. On Sun, Sep 11, 2016 at 5:54 PM, Hugo Slabbert wrote: > Hopefully this is operational enough, though obviously

Re: Lawsuits for falsyfying DNS responses ?

Well "may" is not "must". “260.34. An Internet service provider may not give access to an online gambling site whose operation is not authorized under Québec law. - Alain Hebertaheb...@pubnix.net PubNIX Inc. 50 boul. St-Charles P.O. Box 26770

Re: Lawsuits for falsyfying DNS responses ?

On Tue, Sep 13, 2016 at 07:12:59AM +0200, JÁKÓ András wrote a message of 18 lines which said: > Blocking for that purpose usually means redirecting in > practive. You'll redirect to a page that explains why the original > site is not available. It has practical

Re: Lawsuits for falsyfying DNS responses ?

On Mon, Sep 12, 2016 at 04:08:08PM -0400, William Herrin wrote: > On Mon, Sep 12, 2016 at 1:41 PM, Jean-Francois Mezei > wrote: > > To do so, it will provide ISPs with list of web sites to block > > > > Are there examples of an ISP getting sued because it redirected

Re: Lawsuits for falsyfying DNS responses ?

On Mon, Sep 12, 2016 at 01:41:16PM -0400, Jean-Francois Mezei wrote: > Are there examples of an ISP getting sued because it redirected traffic > that should have gone to original site ? This happened with Paxfire (and the ISPs that used them) in 2011.

Re: Looking for recommendations for a dedicated ping responder

Hello Dan, I think that Personar meets your needs Take a look at: http://www.perfsonar.net/about/what-is-perfsonar/ Regards, Pablo On Fri, Sep 9, 2016 at 4:52 PM, Dan White wrote: > Are there any products you're using which are dedicated to responding to > customer facing