From meeting at ripe.net Thu Apr 6 10:06:58 2006 From: meeting at ripe.net (RIPE NCC meeting coordinator) Date: Thu, 6 Apr 2006 10:06:58 +0200 Subject: RIPE 52: Plenary Agenda Message-ID: <20060406100658.1e2f1d25.meeting@ripe.net> [Apologies for duplicate mails] Dear Colleagues, RIPE 52 will be held 24 - 28 April 2006 at the Ceylan InterContinental Hotel in Istanbul, Turkey. RIPE 52 PLENARY AGENDA The plenary agenda and presentation abstracts are available at: http://www.ripe.net/ripe/meetings/ripe-52/presentations/ MEETING PLAN The meeting plan is available at: http://www.ripe.net/ripe/meetings/ripe-52/meeting-plan.html RIPE NCC SERVICE CENTRE The RIPE NCC Service Centre, open to all meeting attendees, will be introduced at RIPE 52. The centre is available to RIPE NCC members and non-members. RIPE NCC staff will be available to answer your questions on subjects including: - Internet resource requests (IPv4, IPv6, Autonomous System Numbers) - The RIPE Whois Database - Invoice, billing and administrative queries - RIPE NCC Training Courses and the RIPE NCC E-Learning Centre - Routing Information Services (RIS), and BGPlay - rDNS, DNSSEC, DNSMON How to become a Local Internet Registry (LIR) More information is available at: http://www.ripe.net/ripe/meetings/ripe-52/services-centre.html RIPE 52 INFORMATION For further information on RIPE 52, please see: http://www.ripe.net/ripe/meetings/ripe-52/ RIPE 52 REGISTRATION You can register for this meeting at: https://lirportal.ripe.net/lirportal/meeting/registration/meeting.html?id=29 Should you have any questions, please contact us at: . Regards, Camilla Meidell Conference Coordinator RIPE NCC From daniel.karrenberg at ripe.net Thu Apr 6 16:25:41 2006 From: daniel.karrenberg at ripe.net (Daniel Karrenberg) Date: Thu, 6 Apr 2006 16:25:41 +0200 Subject: Proposal for a RIPE "IP Spoofing" Task Force Message-ID: <20060406142541.GV9312@reifer.karrenberg.net> Dear colleagues, unfortunately DoS amplification attacks are still with us. There are indications that the damage caused by such attacks is increasing; certainly their visibility has increased recently. The only way to effectively stop amplification attacks is to prevent IP source address spoofing. Without spoofing there is no amplification and no obfuscation of the real source of DoS attack traffic. RIPE needs to encourage operators to prevent IP source address spoofing. Hence I propose to establish an "IP Spoofing" task force. I include a document outlining the motivation for the task force, a proposed charter and a proposed time-line; it also has a refeerence list that can be used to as a starting point to learn more. In order to collect suggestions and gather people working on the task force, I propose a BoF session at RIPE-52. Tuesday around 17:15 after the plenary and before the social is a good time. If you are interested I will see you there. If you would like to help but you will not be in Istanbul, please contact me off-list with specifics of what you can contribute. I am specifically looking for people from equipment vendors who can provide how-to documents and network operators who can relate deployment experiences. Daniel "Es gibt nichts Gutes, ausser man tut es." - Erich Kaestner -------------- next part -------------- Proposal for a RIPE "IP Spoofing" Task Force ============================================ Daniel Karrenberg 1.0 Thu Apr 6 16:04:35 CEST 2006 Introduction ------------ IP source address spoofing is the practice of originating IP datagrams with source addresses other than those assigned to the host of origin. In simple words the host pretends to be some other host. This can be exploited in various ways, most notably to execute DoS amplification attacks which cause an amplifier host to send traffic to the spoofed address. There are many recommendations to prevent IP spoofing by ingress filtering, e.g. checking source addresses of IP datagrams close to the network edge. Most equipment vendors support ingress filtering in some form. Yet recently significant DoS amplification attacks have happened which would be impossible without spoofing. This demonstrates that ingress filtering is definitely not deployed sufficiently. Unfortunately there are no direct benefits to an ISP that deploys ingress filtering. Also there is a widely held belief that ingress filtering only helps when it is universally deployed. RIPE as an operational forum should promote deployment of ingress filtering at the network edge by creating a task force that raises awareness and provides indirect incentives for deployment. Proposed Charter ---------------- This task force shall - raise awareness about this issue among network operators, - inform about operational methods to implement ingress filtering, and - seek ways to provide incentives and benefits to operators that do implement ingress filtering. The taskforce shall have completed its task when - network operators cannot reasonably claim not to be aware of the issue, - information about ways to deploy ingress filtering are readily available and - and any incentives it may have devised have become available. The task force shall be disbanded when these tasks have been completed or when there is consensus withing RIPE that completion of the tasks is no longer realistic. Suggested Time-Line ------------------- RIPE-52: BoF and Establishment of Task Force Quickly draft and publish RIPE recommendation citing existing work. Compile How-To with (pointers to) vendor documentation and operational experience reports. Establish liaison with MIT ANA Spoofer Project, promote their tools. Analyse Spoofer data for RIPE region. RIPE-53: Published RIPE Recommendation on Ingress Filtering Published First Edition of "Ingress Filtering How-To" First analysis of Spoofer data. Discuss possible incentive schemes. Revise and extend How-To. Devise possible incentive schemes like a "Source Address Clean" network logo, suitable RIPE DB attributes ... RIPE-54: Published Second Edition of "IP Source Address Filtering How-To" Further analysis of Spoofer data for RIPE region. Launch of any incentive scheme. Implement incentive scheme. Monitor progress and effectiveness. RIPE-55: Evaluation and Disbanding of Task Force References ---------- RFC2827 Network Ingress Filtering: Defeating Denial of Service Attacks which employ IP Source Address Spoofing http://www.ietf.org/rfc/rfc2827.txt SSAC004 Securing the Edge http://www.icann.org/committees/security/sac004.txt SSAC008 DNS Distributed Denial of Service (DDoS) Attacks http://www.icann.org/committees/security/dns-ddos-advisory-31mar06.pdf ripe-66 RIPE Task Forces ftp://ftp.ripe.net/ripe/docs/ripe-066.txt MIT Spoofer Project http://spoofer.csail.mit.edu/ From jeroen at unfix.org Thu Apr 6 19:31:36 2006 From: jeroen at unfix.org (Jeroen Massar) Date: Thu, 06 Apr 2006 19:31:36 +0200 Subject: Proposal for a RIPE "IP Spoofing" Task Force In-Reply-To: <20060406142541.GV9312@reifer.karrenberg.net> References: <20060406142541.GV9312@reifer.karrenberg.net> Message-ID: <1144344696.23971.114.camel@firenze.zurich.ibm.com> On Thu, 2006-04-06 at 16:25 +0200, Daniel Karrenberg wrote: > Dear colleagues, > > unfortunately DoS amplification attacks are still with us. [..] I think it is very good think to have such a working group. The biggest reason that I heared from various ISP's for not doing RPF/ingressfiltering etc. is that they claim their gear doesn't support it, or that it would overload their hardware too much, thus they don't want to enable it. Same reason why they don't filter out RFC1918 and other darkspace in many places. Still having even 80% of the places doing it takes care of those 80% places. The other nests can't be controlled anyway. Getting everybody to cooperate is probably not done. Maybe a good incentive would be that ISP's would not link to another network if that other network, but that brings in a lot of political issues too next too technical ones... Transit ISP's could of course in those cases filter out their downstream customers, which is what they should be doing IMHO... Maybe a "Secure Internet Working" TF is a better idea, then it can also raise awareness in the future of possible S-BGP/BGP-S solutions, anti-spam solutions, closing down relays, tracking ddos bots... oops too many potholes, better focus on one I guess ;) Greets, Jeroen -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 315 bytes Desc: This is a digitally signed message part URL: From leo at ripe.net Fri Apr 7 13:30:37 2006 From: leo at ripe.net (leo vegoda) Date: Fri, 07 Apr 2006 07:30:37 -0400 Subject: RIR Comparative Policy Overview Update Message-ID: <44364D5D.5020407@ripe.net> [Apologies for duplicate e-mails] Dear Colleague, The Regional Internet Registry (RIR) Comparative Policy Overview has been updated and is available on the Number Resource Organization (NRO) website at: http://www.nro.net/policy/index.html This document enables the community to review the policies in the global RIR system. To view specific policy statements from individual RIRs, please visit each RIR's policy pages: - AfriNIC http://www.afrinic.net/policy.htm - APNIC http://www.apnic.net/docs/policy/dev/index.html - ARIN http://www.arin.net/policy/index.html - LACNIC http://lacnic.net/en/politicas/index.html - RIPE NCC http://www.ripe.net/ripe/policies/ Regards, -- leo vegoda Registration Services Manager RIPE NCC From saskia at ripe.net Wed Apr 12 09:31:32 2006 From: saskia at ripe.net (Saskia van Gorp) Date: Wed, 12 Apr 2006 09:31:32 +0200 Subject: RIPE NCC offices closed on 14 & 17 April, 2006 Message-ID: <443CACD4.9040304@ripe.net> Dear colleagues, The RIPE NCC offices will be closed on following days: Friday, 14 April, 2006 (Good Friday) Monday, 17 April, 2006 (Easter Monday) Normal office hours will resume on Tuesday, 18 April, 2006. Kind regards, Saskia van Gorp Front Office Manager RIPE NCC From meeting at ripe.net Thu Apr 13 17:28:39 2006 From: meeting at ripe.net (RIPE NCC meeting coordinator) Date: Thu, 13 Apr 2006 17:28:39 +0200 Subject: RIPE 52: Remote Participation Message-ID: <20060413172839.12ac4f85.meeting@ripe.net> [Apologies for duplicate mails] Dear Colleagues, RIPE 52 will be held 24 - 28 April 2006 at the Ceylan InterContinental hotel in Istanbul, Turkey. REMOTE PARTICIPATION If you are unable to attend the meeting, you can participate by using IRC and Jabber while watching the live webcast. Please note that all feedback submitted through IRC/Jabber will be archived and publicly accessible. More information about remote participation at RIPE 52 is available at: http://www.ripe.net/ripe/meetings/ripe-52/feedback.html WEBCAST The RIPE NCC will broadcast sessions live during the meeting at: http://www.ripe.net/ripe/meetings/ripe-52/webcast.html MEETING PLAN The meeting plan is available at: http://www.ripe.net/ripe/meetings/ripe-52/meeting-plan.html PLENARY PRESENTATIONS Abstracts of the plenary presentations are available at: http://www.ripe.net/ripe/meetings/ripe-52/presentations/ REGISTRATION To register for RIPE 52, please go to the registration page at: https://lirportal.ripe.net/lirportal/meeting/registration/meeting.html?id=29 RIPE 52 INFORMATION For further information about RIPE 52, please see: http://www.ripe.net/ripe/meetings/ripe-52/ If you have any further questions, please contact us at: Regards, Camilla Meidell Conference Coordinator RIPE NCC From jordi.palet at consulintel.es Tue Apr 18 10:46:22 2006 From: jordi.palet at consulintel.es (JORDI PALET MARTINEZ) Date: Tue, 18 Apr 2006 10:46:22 +0200 Subject: IPv6 workshop in Istanbul Message-ID: Hi all, Sponsored by ISOC, there will be an IPv6 workshop next Friday 28th afternoon in Istanbul, right after the RIPE lunch. The workshop is intended for those that don't have IPv6 knowledge. More information and registration: http://www.ipv6tf.org/ipv6_istanbul_isoc.php Please, forward this to your colleagues and other people that may be interested in participating. Thanks ! Regards, Jordi ********************************************** The IPv6 Portal: http://www.ipv6tf.org Barcelona 2005 Global IPv6 Summit Slides available at: http://www.ipv6-es.com This electronic message contains information which may be privileged or confidential. The information is intended to be for the use of the individual(s) named above. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information, including attached files, is prohibited. From webmaster at ripe.net Thu Apr 20 13:40:54 2006 From: webmaster at ripe.net (RIPE NCC Document Announcement Service) Date: Thu, 20 Apr 2006 13:40:54 +0200 Subject: New Document available: RIPE-376 Message-ID: <20060420114054.710CB2F5BD@herring.ripe.net> <<< our apologies for duplicate e-mails >>> New RIPE Document Announcement -------------------------------------- A new document is available from the RIPE document store. Ref: ripe-376 Title: Assigned Numbers Authority (IANA) Policy for Allocation of IPv6 Blocks to Regional Internet Registries Author: AfriNIC APNIC ARIN LACNIC RIPE NCC Date: 19 April 2006 Format: PDF=10551 TXT=4280 Obsoletes: Obsoleted by: Updates: Updated by: Short content description ------------------------- This document describes the policy governing the allocation of IPv6 address space from the IANA to the Regional Internet Registries (RIRs). This document does not stipulate performance requirements in the provision of services by IANA to an RIR in accordance with this policy. Such requirements will be specified by appropriate agreements between ICANN and the NRO. Accessing the RIPE document store --------------------------------- You can access the RIPE documents in HTML format via our website at the following URL: http://www.ripe.net/ripe/docs/ripe-376.html The RIPE Document Store is also available via anonymous FTP to ftp.ripe.net, in the directory ripe/docs. The URLs for the new documents on the FTP-server are: ftp://ftp.ripe.net/ripe/docs/ripe-376.pdf PDF version ftp://ftp.ripe.net/ripe/docs/ripe-376.txt plain text version Kind Regards, Jeroen Bet RIPE NCC Content Webmaster From meeting at ripe.net Thu Apr 20 15:07:34 2006 From: meeting at ripe.net (RIPE NCC meeting coordinator) Date: Thu, 20 Apr 2006 15:07:34 +0200 Subject: RIPE 52: Final Reminder Message-ID: <20060420150734.67aa261c.meeting@ripe.net> [Apologies for duplicate mails] Dear Colleagues, RIPE 52 will be held 24 - 28 April 2006 at the Ceylan InterContinental hotel in Istanbul, Turkey. REGISTRATION To register for RIPE 52, please go to the registration page at: https://lirportal.ripe.net/lirportal/meeting/registration/meeting.html?id=29 Online registration closes on Friday 21 April at 17:00 CET. After this date, it will still be possible to register onsite at the RIPE 52 registration desk. PLENARY PRESENTATIONS Abstracts of the presentations are available at: http://www.ripe.net/ripe/meetings/ripe-52/presentations/ WORKING GROUP AGENDAS The RIPE Working Group agendas are posted at: http://www.ripe.net/ripe/meetings/ripe-52/agendas/index.html REMOTE PARTICIPATION If you are unable to attend the meeting, you can participate by using IRC and Jabber while watching the live webcast. Please note that all feedback submitted through IRC/Jabber will be archived and publicly accessible. More information about remote participation at RIPE 52 is available at: http://www.ripe.net/ripe/meetings/ripe-52/feedback.html RIPE 52 INFORMATION For further information about RIPE 52, please see: http://www.ripe.net/ripe/meetings/ripe-52/ If you have any further questions, please contact us at: Regards, Camilla Meidell Conference Coordinator RIPE NCC -- Camilla Meidell Conference Coordinator RIPE NCC From webmaster at ripe.net Tue Apr 25 15:16:19 2006 From: webmaster at ripe.net (RIPE NCC WebMaster) Date: Tue, 25 Apr 2006 15:16:19 +0200 Subject: Network interruption due to power failure Message-ID: <20060425131619.B93332F583@herring.ripe.net> Dear Colleagues, At approximately 11:30 local Istanbul time, we experienced a power failure at the RIPE 52 Meeting venue. This caused a failure in our Internet connectivity, which interrupted the RIPE 52 Webcast and our Jabber / IRC service. The problem was resolved at approximately 15:00 local time. We apologise for the inconvenience. Regards Jeroen Bet RIPE NCC WEBMASTER ==================