Slashdot Mirror


Chinese ISP Hijacks the Internet (Again)

CWmike writes "For the second time in two weeks, bad networking information spreading from China has disrupted the Internet. On Thursday morning, bad routing data from a small Chinese ISP called IDC China Telecommunication was re-transmitted by China's state-owned China Telecommunications, and then spread around the Internet, affecting Internet service providers such as AT&T, Level3, Deutsche Telekom, Qwest Communications, and Telefonica. 'There are a large number of ISPs who accepted these routes all over the world,' said Martin A. Brown, technical lead at Internet monitoring firm Renesys. Brown said the incident started just before 10 am Eastern and lasted about 20 minutes. During that time the Chinese ISP transmitted bad routing information for between 32,000 and 37,000 networks, redirecting them to IDC instead of their rightful owners. These networks included about 8,000 US networks, including those operated by Dell, CNN, Starbucks, and Apple. More than 8,500 Chinese networks, 1,100 in Australia, and 230 owned by France Telecom were also affected."

5 of 171 comments (clear)

  1. Not unintentional by Nickodeemus · · Score: 5, Interesting

    All that data routed to the wrong place accidentally... hmmm sounds like a perfect excuse to me - for intelligence gathering. If it passes through their routers, they have the data.

  2. Blacklist 'em by DogDude · · Score: 5, Interesting

    Until China learns how to act as responsible Internet citizens, I'll continue to blackhole as many of Chinese subnets as I can find both at work and home. Spam, malware, and every kind of crap comes from China, and I don't do business with any Chinese, so it's a no-brainer.

    --
    I don't respond to AC's.
    1. Re:Blacklist 'em by PNutts · · Score: 5, Interesting

      Until China learns how to act as responsible Internet citizens, I'll continue to blackhole as many of Chinese subnets as I can find both at work and home. Spam, malware, and every kind of crap comes from China, and I don't do business with any Chinese, so it's a no-brainer

      Well, since more SPAM comes from the US I assume you'll block those subnets too? http://www.spamhaus.org/statistics/countries.lasso

      Also, in March the US was the source of most malware, but since you already have that blocked for SPAM you should also block Korea who for some reason in the month of April took the lead. http://www.infosecurity-us.com/view/8547/korea-reigns-as-king-of-malware-threats-/

      In regard to China learning how to act as responsible Internet citizens, you are not leading by example.

  3. What about signing & certificates? by Turzyx · · Score: 5, Interesting

    The ISP in question only controls 30 networks, yet other routers blindly accepted thousands. Why isn't there basic verification of such re-configurations? I'm actually very shocked, the potential for abuse is huge; and TWICE as well.

  4. Re:Chinese bashing? by Blackbrain · · Score: 5, Interesting

    This kind of thing happens all of the time. Subscribe to the operators list at http://www.nanog.org/ and you will see reports of mis-announced prefixes every month or two. This is just China bashing and media sensationalism. (Which I do mind very much, thank you)

    --
    Where would we be if Wheel had hid her round rock in a cave instead of showing everyone how it rolls?