[nsp-sec] "Vietnam Posts and Telecommunications" returned by cymru whois server

[Stephen Gill]

Bingo.

-- steve

On 3/27/08 6:12 PM, "John Fraizer" <john at op-sec.us> wrote:

> I'll jump forward and remind folks that the result of these queries shows not
> who is ASSIGNED the address space but rather who is ROUTING it from the view
> of CYMRU and their many BGP feeds.
> 
> 
> John Fraizer
> Senior Internetworking Engineer
> NOC Engineering
> NuVox Communications, Inc
> (864)331-7575 work
> -Sent from my Treo SmartPhone
> -----Original Message-----
> From: Stephen Gill <gillsr at cymru.com>
> Date: Thursday, Mar 27, 2008 9:07 pm
> Subject: Re: [nsp-sec] "Vietnam Posts and Telecommunications" returned by
> cymru whois server
> To: Rob Thomas <robt at cymru.com>, Dave Mitchell <davem at yahoo-inc.com>
> CC: nsp-security at puck.nether.net
> 
> ----------- nsp-security Confidential --------
>> 
>>>>> why? it seems kinda useful actually... like in this case it tells us that
>>>> someone is announcing publicly a block that they shouldn't be.
>> 
>> The original design was actually set this way on purpose - leave RFC 1918 in
>> so others can see the leaks which allows for transient issues to appear like
>> everything else.  I believe we were filtering RFC 1918 in cases where it
>> didn't appear to be a leak (direct announcements), so I don't necessarily
>> know if anything needs to change but as Rob said, we'll double check.
>> 
>> -- steve
>> 
>> -- 
>> Stephen Gill, Chief Scientist, Team Cymru
>> http://www.cymru.com | +1 312 924 4023 | gillsr at cymru.com
>> 
>> 
>> 
>> 
>> _______________________________________________
>> nsp-security mailing list
>> nsp-security at puck.nether.net
>> https://puck.nether.net/mailman/listinfo/nsp-security
>> 
>> Please do not Forward, CC, or BCC this E-mail outside of the nsp-security
>> community. Confidentiality is essential for effective Internet security
>> counter-measures.
>> _______________________________________________
>>