14 Nov
2014
14 Nov
'14
1:47 p.m.
On Mon, Nov 10, 2014 at 12:14 AM, Gert Doering <gert@space.net> wrote:
Now, enabling creation of database entries without authentication for the good guys (because we had no idea how to *do* authentication for these objects, the RPSL-dist-auth drafts didn't really fly) also enables this attack angle.
And Krebs weighs in with episode #2 - now with additional statements from RIPE NCC, and documenting the scale of this hijack. http://krebsonsecurity.com/2014/11/network-hijackers-exploit-technical-looph... --srs -- Suresh Ramasubramanian (ops.lists@gmail.com)