[Dshield] IP Spoofing question

John Holmblad jholmblad at aol.com
Fri Feb 20 16:59:56 GMT 2004


Stephane,

with respect to your example of spam gangs hijacking ip address space, I 
don't understand how a BGP peer gets duped into accepting such bogus 
announcements. Presumably the Peer first establishes a trust 
relationship with the other party BEFORE accepting such route 
advertisements. Are you implying that this scam works because some ISP's 
do not do an adequate job of validating such trust beforehand to 
establish trustworthiness, or is this the case where a formerly trusted 
party "goes rogue"? I suppose it could also happen if a legitimate ISP 
gets bribed or extorted into colluding with such a spam gang to start 
abusing its existing trust relationships.
-- 

Best Regards,

 

John Holmblad

 

Televerage International

 

(H) 703 620 0672

(M) 703 407 2278

(F) 703 620 5388

 

www page:                      www.vtext.com/users/jholmblad

primary email address: jholmblad at aol.com

backup email address:  jholmblad at verizon.net

 

text email address:         jholmblad at vtext.com




More information about the list mailing list