[arin-ppml] 134.17.0.0/16

Chris Grundemann cgrundemann at gmail.com
Thu May 1 13:51:44 EDT 2008 

On Thu, May 1, 2008 at 11:11 AM, Dylan Ebner <dylan.ebner at crlmed.com> wrote:
>
>
>
> Does ARIN have any kind of policy for recommendations to be made to it's
> members for dealing with this kind of accused abuse?
> Does ARIN recommend that other organizations block incomming traffic from
> these "hijacked" IP blocks?
> I am curious to what people's opinion is on this matter. Should the ARIN
> community try to block incoming traffic from organizations that engage in
> this pracrice as a means to defer people from attempting this kind of IP
> takeover?

I think you raise a great question and one that begs a couple more:

What is the most efficient manner of tracking this type of squatting /
hijacking?
Is there a method efficient enough to make it realistically plausible
to keep a running list?
Is there an organization equipped to maintain such a list?

If there are good answers to these questions then we could leverage
such a routing blacklist against those who would operate on any
current or future IP black market.  I think this would be very
beneficial to the community as a whole because as you note, most of
the people who would use IP space inappropriately are using it for
something inappropriate.

~Chris

>
> As for my company,  we take a fairly hard line on what IP blocks we allow
> inbound and therefore we block traffic from Russia, China, etc. because we
> have deemed our employees do not need to surf those sites while working. I
> have been debating since I read about the Media Breakaway story if for
> security reasons we should block their IP block as well. If they are willing
> to engage in this kind of practice, what else are they willing to do?
>
>
>  ________________________________
>  From: arin-ppml-bounces at arin.net on behalf of Jon Lewis
> Sent: Thu 5/1/2008 11:51 AM
> To: Andrew Dul
> Cc: ppml at arin.net
> Subject: Re: [arin-ppml] 134.17.0.0/16
>
>
>
>
>
> On Thu, 1 May 2008, Andrew Dul wrote:
>
> >
> http://blog.washingtonpost.com/securityfix/2008/04/a_case_of_network_identity_the_1.html
>
> This is kind of old news, but it'll be very interesting to see how ARIN
> handles it, and if it ends up in court, how it's decided.
>
> ----------------------------------------------------------------------
>   Jon Lewis                   |  I route
>   Senior Network Engineer     |  therefore you are
>   Atlantic Net                |
> _________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
> _______________________________________________
> PPML
> You are receiving this message because you are subscribed to the ARIN Public
> Policy
> Mailing List (ARIN-PPML at arin.net).
> Unsubscribe or manage your mailing list subscription at:
> http://lists.arin.net/mailman/listinfo/arin-ppml
> Please contact the ARIN Member Services Help Desk at info at arin.net if you
> experience any issues.
>
>
> _______________________________________________
>  PPML
>  You are receiving this message because you are subscribed to the ARIN
> Public Policy
>  Mailing List (ARIN-PPML at arin.net).
>  Unsubscribe or manage your mailing list subscription at:
>  http://lists.arin.net/mailman/listinfo/arin-ppml
>  Please contact the ARIN Member Services Help Desk at info at arin.net if you
> experience any issues.
>
>



-- 
Chris Grundemann
www.linkedin.com/in/cgrundemann

More information about the ARIN-PPML mailing list