On Wed, Mar 5, 2014 at 5:19 PM, Owen DeLong <[email protected]> wrote:

>
> And any person deciding to announce 1.2.3.0/24 to the open network, would
> have to face a massive traffic storm anyway. prop-109 by Geoff Huston
> mentions the traffic flowing to certain easily-remembered ranges. Assuming
> that 1.2.3.0/24 gets even 50Mbps of traffic if I announce it to the
> Internet, that is still an expensive pipe, and probably not worth it
> on the off-chance that a random user will use it and allow "evil me" to
> redirect him to the particular bank that he is a member of, and which I am
> forging a website for.
>
> Never underestimate the willingness of a malefactor to subject hosts he
> controls (but probably doesn't own) or even hosts he doesn't necessarily
> control to vast quantities of traffic.

Owen,

Can you give me an example of what would be the scenario here?

Assuming I am the upstream ISP of the "hosts I control, willing to subject them to vast quantities of traffic". Would I announce 1.2.3.0/24 upstream, and point it to my customer's link? Or would I announce 1.2.3.0/24 from another ISP's origin AS?

How would (evil me) be able to hurt hosts other than on _my_ network?

I am not doubting that people would not want to misuse this, but how would this work in the case you have outlined?

--
Sanjeev Gupta
+65 98551208 http://sg.linkedin.com/in/ghane

* sig-policy: APNIC SIG on resource management policy *
_______________________________________________
sig-policy mailing list
[email protected]
http://mailman.apnic.net/mailman/listinfo/sig-policy
