Slashdot Mirror

← Back to Stories (view on slashdot.org)

Confronting Address Space Hijackers

Posted by timothy on from the insert-sound-effects dept.

Tawn writes "There's a great story on SecurityFocus about hijackers taking over large allocations of IPv4 space with forged documents and false business fronts. Los Angeles County and some big multinationals have had /16's pulled out from under them in the last few months, and used to inject spam. ARIN and network operators are trying to get a handle on the problem. The owner of a webhosting company that wound up with L.A. County's /16 called it 'borrowed space,' and said he paid $500 for it to a guy he met online."

7 of 334 comments (clear)

  1. Does LA county even need a public /16? by realdpk · · Score: 4, Insightful

    Judging by the article, LA county was using that /16 for internal routing only. I understand that they probably got it when it was easy to get, but do they really still need it? On that note, how much IP space that is allocated is actually in use? I heard something like 25%..

    1. Re:Does LA county even need a public /16? by Yuan-Lung · · Score: 4, Insightful

      Does it make sense for some people to have multiple mensions while some others can't find a place to live?
      Does it make sense for a small group people to hug a huge chunk of the worlds, while the others starve?
      But hey, that's how the world works, for now and the foreseeable future, anyways.

  2. Sounds like something Enron would do... by Anonymous Coward · · Score: 3, Insightful

    I'd never heard of Enron before they started running TV ads about how they sub-rented "unused bandwidth" from multi-nationals during their off-hours.

    It wouldn't surprise me that this is one scam that they would have tried to pull.

    I don't know about the rest of the world, and IANAL, but I rather suspect that any member in good standing of the Communications Bar would be able to make a very strong case about willful interference with a communications system.

    Next thing you know, they'll be lighting OPDF. (Other People's Dark Fibre)

  3. Fraud is common by msobkow · · Score: 3, Insightful

    With the still-ongoing cases over domain theft and fraud, is it at all surprising that it's also active in areas like IP block assignments?

    I get SPAM with faked reply-to, sent-by, and domain names. Most hacks against my systems are from IP addresses that don't resolve back to a valid domain.

    The only shock here is that someone was dumb enough to think they could get a /16 for only $500.

    --
    I do not fail; I succeed at finding out what does not work.
  4. Only the beginning by globalar · · Score: 3, Insightful

    This problem will grow with more address space. Though the value of individual addresses will diminish in the future with IPv6, it is important to keep virtual property lines clear. This needs to be handled now. Exceptions made are only going to lead to problems in the future.

  5. Re:Hijackers? by koh · · Score: 4, Insightful

    Sitting on that quantity of Unused IP adresses is just as criminal.

    I do agree with you here, but... ever heard about natural selection ?

    IPv4 addresses have been designed in a time when there were at most a dozen people expecting IP to be used by more than a million users in the future. Just like the w2k bug (failed to) prove, old things should eventually die so that new ones can take the free slot. Yup, just like spammers should die so that other people may use those IP slots, but I digress.

    IPv6 is here and would resolve the problem. This requires a huge switch however, and people won't be ready for it unless natural selection proves IPv4 hopelessly doomed.

    So let spammers accumulate IPv4 addresses just a little more ;)

    --
    Karma cannot be described by words alone.
  6. This is going to keep happening... by cheetah · · Score: 3, Insightful

    This is going to keep happening until Arin starts pushing Ipv6. The real problem is that currently getting Ipv6 costs money and doesn't get you very far. Look at it this way... currently a Ptla /32 costs $2500 a year. But people that have been sitting on Ipv4 blocks for years don't pay anything. I know of two Isp's that would like to offer Ipv6 the their customers but because they don't have their own Ipv4 netblocks they don't want to pay $2500 a year just so few of their customers have Ipv6. So instead of getting Ipv6 and moving away from Ipv4 they are forced to stay with Ipv4. I think that the situation is currently backwards to the way it should be. Arin ( and other Ipv4 providers ) should be charging next to nothing for Ipv6 netbocks ($100 or so) and slowly start charging for Ipv4 blocks each year. So for the first year charge $100 for each Ipv4 block (on top of any other fees). The second year the would charge 500 and the year after that 1000 and then 3000 and so on... Until we start charging more for Ipv4 address's than Ipv6 we will have people trying to hijack current Ipv4 netblocks... The more people that can get switched over to Ipv6 the sooner the better. If everyone was using Ipv6 this will no longer be a problem...