[Dshield] IP Spoofing question

John Holmblad jholmblad at aol.com
Fri Feb 20 16:59:56 GMT 2004


with respect to your example of spam gangs hijacking ip address space, I 
don't understand how a BGP peer gets duped into accepting such bogus 
announcements. Presumably the Peer first establishes a trust 
relationship with the other party BEFORE accepting such route 
advertisements. Are you implying that this scam works because some ISP's 
do not do an adequate job of validating such trust beforehand to 
establish trustworthiness, or is this the case where a formerly trusted 
party "goes rogue"? I suppose it could also happen if a legitimate ISP 
gets bribed or extorted into colluding with such a spam gang to start 
abusing its existing trust relationships.

Best Regards,


John Holmblad


Televerage International


(H) 703 620 0672

(M) 703 407 2278

(F) 703 620 5388


www page:                      www.vtext.com/users/jholmblad

primary email address: jholmblad at aol.com

backup email address:  jholmblad at verizon.net


text email address:         jholmblad at vtext.com

More information about the list mailing list