Be careful who you talk with...


BlankBox
9th Nov 2018, 03:38
https://arstechnica.com/information-technology/2018/11/strange-snafu-misroutes-domestic-us-internet-traffic-through-china-telecom/?comments=1

ethicalconundrum
9th Nov 2018, 04:51
I don't know if this will scare you or placate you, but this kind of stuff happens all the time with BGP routes. Some of it is intentional, some of it is accidental. Some of it we never really know. All I can tell you is that the guys who do this for a living know when packets are starting to get distance latency delays, and there are specific things we look for and troubleshoot 7/24/365.

A few months ago, we had a new network 'analyst' in Penang who was horsing around in the BGP world and started messing up traffic. Most big IP admins got together and 'punished' the place for a few days, and they got the message. It is somewhat of a self-regulated, self-moderated world out there in ether-land. Don't let it worry you too much. Only the rubes got caught with this one.

The Nr Fairy
9th Nov 2018, 07:32
"Snafu" - China Telecom has the largest US presence of any foreign telco. I wonder why...

cattletruck
9th Nov 2018, 07:57
Kinda weird nobody ran a traceroute for two and a half years.... maybe they were more focussed on passing their next network certification exams.

ethicalconundrum
9th Nov 2018, 15:42
"Snafu" - China Telecom has the largest US presence of any foreign telco. I wonder why...

Because we sell and buy a lot of comms gear from China Mobile Ltd. There are no services provided in the US by China Mobile.

https://www.theverge.com/2018/7/3/17532554/china-mobile-us-ban-trump-ntia-fcc

This has been the case since forever. No one with any kind of common sense uses China Telecom for network traffic.

BTW, network admins run tracing and other tests constantly. This example was blown all out of proportion. Only a tiny, insignificant segment of a few networks was mistakenly rerouted. And those that were are likely legacy networks with little or no care or interest in latency.

Ant
10th Nov 2018, 18:32
Kinda weird nobody ran a traceroute for two and a half years....

Maybe they did, and the traceroute results were spoofed by something similar to a man-in-the-middle attack, if indeed that is possible!

Gertrude the Wombat
10th Nov 2018, 19:02
Maybe they did, and the traceroute results were spoofed by something similar to a man-in-the-middle attack, if indeed that is possible!
Don't see why not OTTOMH - there isn't any security in ICMP.

flash8
10th Nov 2018, 19:25
Don't see why not OTTOMH - there isn't any security in ICMP.
Not only that, many firewalls stupidly pass through ICMP traffic; as long ago as twenty years, modified/malformed ICMP echo requests (+payload) subverted internal network security. When I worked as a (contract) Firewall Engineer at BT Internal Network Security (in a building in Edinburgh that was hidden from public view and surrounded by heavy security where they controlled their worldwide empire, behind Telephone House, Gorgie :) don't mind admitting now as it has been knocked down along with Telephone House!) they were absolutely ruthless about configuring rules, going through multiple levels of change control... we were told that if we twiddled about even slightly it would mean instant dismissal and possibly prison... one guy was marched off the premises and never heard of again...