[nsp-sec] "Vietnam Posts and Telecommunications" returned by cymru whois server
John Fraizer
john at op-sec.us
Thu Mar 27 21:12:00 EDT 2008
I'll jump forward and remind folks that the result of these queries shows not who is ASSIGNED the address space but rather who is ROUTING it from the view of CYMRU and their many BGP feeds.
John Fraizer
Senior Internetworking Engineer
NOC Engineering
NuVox Communications, Inc
(864)331-7575 work
-Sent from my Treo SmartPhone
-----Original Message-----
From: Stephen Gill <gillsr at cymru.com>
Date: Thursday, Mar 27, 2008 9:07 pm
Subject: Re: [nsp-sec] "Vietnam Posts and Telecommunications" returned by cymru whois server
To: Rob Thomas <robt at cymru.com>, Dave Mitchell <davem at yahoo-inc.com>
CC: nsp-security at puck.nether.net
----------- nsp-security Confidential --------
>
>>>> why? it seems kinda useful actually... like in this case it tells us that
>>> someone is announcing publicly a block that they shouldn't be.
>
>The original design was actually set this way on purpose - leave RFC 1918 in so others can see the leaks which allows for transient issues to appear like everything else. I believe we were filtering RFC 1918 in cases where it didn't appear to be a leak (direct announcements), so I don't necessarily know if anything needs to change but as Rob said, we'll double check.
>
>-- steve
>
>--
>Stephen Gill, Chief Scientist, Team Cymru
>http://www.cymru.com | +1 312 924 4023 | gillsr at cymru.com
>
>
>
>
>_______________________________________________
>nsp-security mailing list
>nsp-security at puck.nether.net
>https://puck.nether.net/mailman/listinfo/nsp-security
>
>Please do not Forward, CC, or BCC this E-mail outside of the nsp-security community. Confidentiality is essential for effective Internet security counter-measures.
>_______________________________________________
>
More information about the nsp-security
mailing list