Slashdot Mirror

← Back to Stories (view on slashdot.org)

Confronting Address Space Hijackers

Posted by timothy on from the insert-sound-effects dept.

Tawn writes "There's a great story on SecurityFocus about hijackers taking over large allocations of IPv4 space with forged documents and false business fronts. Los Angeles County and some big multinationals have had /16's pulled out from under them in the last few months, and used to inject spam. ARIN and network operators are trying to get a handle on the problem. The owner of a webhosting company that wound up with L.A. County's /16 called it 'borrowed space,' and said he paid $500 for it to a guy he met online."

6 of 334 comments (clear)

  1. Re:hijackers? by coyote-san · · Score: 1, Redundant

    I'm pretty sure that usage follows earlier usage to describe stealing a rig and cargo from a trucker, and is entirely appropriate in this case since it involves the unauthorized redirection of a transportation mechanism from one purpose to another without permission by the owner(s).

    --
    For every complex problem there is an answer that is clear, simple, and wrong. -- H L Mencken
  2. Re:Hijackers? by secolactico · · Score: 1, Redundant

    they should consider selling or renting them out to raise some funds

    Can they do that? As I understood, ARIN only lets you sub-allocate ip space to entities you provide service for (say, downstream ISPs, etc). So unless the county becomes an ISP, I don't think this is feasible. It's been a while since I last dealt with ARIN (bending over backwards to obtain an extra /19) so this might not be the case.

    Sitting on that quantity of Unused IP adresses is just as criminal.

    Agreed. They should return all the unused IP space for re-allocation.

    --
    No sig
  3. Tony Soprano will be hiring you! by MushMouth · · Score: 0, Redundant

    Doesn't this smell like a future standard mob type scam... I mean you used to be able to buy VCR's that "fell off a truck", now you can get subnets!

  4. county abuse by Anonymous Coward · · Score: 1, Redundant

    Why does a county need that many address.... Just how many external address does one county need.
    Toss your county behind a proxy/firewall and use the 10. net to provide local address. Now you can get small group of address for your viable machines.

  5. Re:It's OK... by jellomizer · · Score: 0, Redundant

    Ill sell you a nice 192.168.x.x to the highest bidder

    --
    If something is so important that you feel the need to post it on the internet... It probably isn't that important.
  6. Re:It's OK... by SmittyTheBold · · Score: 0, Redundant

    192.186.x.x, 10.x.x.x, and 172.[16-31].x.x are all reserved for private, internal routing by anyone. Those addresses are not legal on the public internet, and most routers know to drop traffic with those addressees. Since they don't get routed, it's perfectly safe for separate people to be using the same address without worries of conflicts.

    --
    ± 29 dB