Movatterモバイル変換

[0]ホーム
URL:

Home page logo
basics logo

Security Basicsmailing list archives

PreviousBy DateNext
PreviousBy ThreadNext

RE: IP announce DOS

From: "Andrew Shore" <andrew.shore () holistecs com>
Date: Fri, 10 Jun 2005 16:20:40 +0100
It most definitely is not possible to transfer IP ranges between ISP.The reason is simple. Routing on the internet is done by taking all theip address an isp has and reducing it to one address/maskFor exampleIf I (as an ISP) had address10.1.1.0 - 10.1.255.255 and I gave you 10.1.3.0/24Anyone outside my network would see you class C as part of my class Band route to my b. When data enters my network I know the local route tosend it. Its like driving to street, first you drive to the right city then youfind the right street.This means that to the rest of the world I have only 1 network 10.1.0.0/ 16 so only 1 routing entry in "the world routing table"If you took one of my ranges to another isp this would no longer thecase, routers can hold routes such as network 10.1.0.0/16 exept10.1.3.0/24 this way. So I would have to break down my "world routingtable" entry into many others. Multiply that by the number of ISPs and the number of address and prettyso the global routing table hold millions of routes and every packetgoing across the internet has to be compared against every route tableentry. Then you'll know what a slow internet is.OK so I've realllllly simplified this but that's the general gist andreason why you can take one ISPs address range to another.  HTH-----Original Message-----From: Thomas Ng [mailto:thomasng () ida gov sg] Sent: 10 June 2005 04:50To: 'Alex Thurlow'; security-basics () securityfocus comSubject: RE: IP announce DOSHi,Shouldn't it be that each ISPs have their own big blocks? Chances are,the class C given to you is in the middle of one of these huge blocks. Iam not sure what is your agreement with the old and new ISP, but I don'tthink it is that simple to transfer the same set of IPs from one ISP toanother. It is technically possible ... but I don't think it is thatsimple.Usually what I do when I change ISP is to just ask for a new set of IPsfrom the new ISP, change the DNS, allow the TTLs to run out and shift tothe new sets of IP address. If you play with the DNS correctly, you canget minimal downtime, dependent on size and sophistication of yournetwork.Rgds,Thomas
-----Original Message-----From: Alex Thurlow [mailto:buddychrist () gmail com]Sent: Thursday, June 09, 2005 5:24 AMTo: 'security-basics () securityfocus com'Subject: IP announce DOSImportance: HighI'm not positive this is the correct list to ask, but it is a securityconcern, so I thought I would.  The company I work for had T1 linesrunning to our office provided by a local provider.  We had our own Cblock of IPs being announced by them and routed to us over those T1s.Our relationship with them went sour (for many reasons I won't get
into
here), and we had to move to a different provider.  We had the routingswitched over to them.  Everything was fine.  Here it is a few weekslater, and suddenly our old provider starts announcing these IPs
again.
The end result is a partial DOS attack (hence writing to this list) assome people can't reach us.  They won't stop the announcement.  I
don't
know all the details on what they've said there as it's now gone toexecutives and legal people dealing with them.  Is there anything we
can
do here from a network standpoint?  Someone we can report them to?
How
do people protect themselves from just anyone announcing IPs that
aren't
theirs?Thanks in advance,Alex Thurlow________________________________________SKYLISTEmail Marketing Solutions that DeliverService You Can TrustYou are receiving this email messagefrom a representative of SKYLIST, Inc.13171 Pond Springs Road, Austin, TX 78729Toll Free: 877.250.2922To cease all communication with SKYLIST, visithttp://www.skylist.net/unsubscribeor send an email to unsubscribe () skylist com
PreviousBy DateNext
PreviousBy ThreadNext
Current thread:




[8]ページ先頭


©2009-2025 Movatter.jp