<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">

<head>

<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=us-ascii">

<meta name=Generator content="Microsoft Word 12 (filtered medium)">

<style>

<!--

 /* Font Definitions */

 @font-face

        {font-family:"Cambria Math";

        panose-1:2 4 5 3 5 4 6 3 2 4;}

@font-face

        {font-family:Calibri;

        panose-1:2 15 5 2 2 2 4 3 2 4;}

@font-face

        {font-family:Tahoma;

        panose-1:2 11 6 4 3 5 4 4 2 4;}

@font-face

        {font-family:Webdings;

        panose-1:5 3 1 2 1 5 9 6 7 3;}

 /* Style Definitions */

 p.MsoNormal, li.MsoNormal, div.MsoNormal

        {margin:0cm;

        margin-bottom:.0001pt;

        font-size:12.0pt;

        font-family:"Times New Roman","serif";}

a:link, span.MsoHyperlink

        {mso-style-priority:99;

        color:blue;

        text-decoration:underline;}

a:visited, span.MsoHyperlinkFollowed

        {mso-style-priority:99;

        color:purple;

        text-decoration:underline;}

p.emailquote, li.emailquote, div.emailquote

        {mso-style-name:emailquote;

        mso-margin-top-alt:auto;

        margin-right:0cm;

        mso-margin-bottom-alt:auto;

        margin-left:1.0pt;

        border:none;

        padding:0cm;

        font-size:12.0pt;

        font-family:"Times New Roman","serif";}

span.EmailStyle18

        {mso-style-type:personal-reply;

        font-family:"Calibri","sans-serif";

        color:#1F497D;}

.MsoChpDefault

        {mso-style-type:export-only;

        font-size:10.0pt;}

@page Section1

        {size:612.0pt 792.0pt;

        margin:72.0pt 72.0pt 72.0pt 72.0pt;}

div.Section1

        {page:Section1;}

-->

</style>

<!--[if gte mso 9]><xml>

 <o:shapedefaults v:ext="edit" spidmax="1026" />

</xml><![endif]--><!--[if gte mso 9]><xml>

 <o:shapelayout v:ext="edit">

  <o:idmap v:ext="edit" data="1" />

 </o:shapelayout></xml><![endif]-->

</head>

<body lang=EN-AU link=blue vlink=purple>

<div class=Section1>

<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";

color:#1F497D'>Mikrotik may be Latvian but the owner is a Texan (just like

George Bush)…..explains everything.<o:p></o:p></span></p>

<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";

color:#1F497D'><o:p> </o:p></span></p>

<div>

<p class=MsoNormal><span style='font-size:14.0pt;font-family:"Calibri","sans-serif";

color:#1F497D'>Mark McKibbin<o:p></o:p></span></p>

<p class=MsoNormal><span style='font-family:"Calibri","sans-serif";color:#1F497D'>DCS

Internet<o:p></o:p></span></p>

<p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'><span

style='font-size:18.0pt;font-family:Webdings;color:green;layout-grid-mode:line'>P

</span><span style='font-size:10.0pt;font-family:"Arial","sans-serif";

color:green;layout-grid-mode:line'>Please consider the trees that will die if

you choose to print this email</span><span style='font-size:11.0pt;font-family:

"Calibri","sans-serif";color:gray'><o:p></o:p></span></p>

</div>

<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";

color:#1F497D'><o:p> </o:p></span></p>

<div>

<div style='border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0cm 0cm 0cm'>

<p class=MsoNormal style='margin-left:36.0pt'><b><span lang=EN-US

style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'>From:</span></b><span

lang=EN-US style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'>

ausnog-bounces@lists.ausnog.net [mailto:ausnog-bounces@lists.ausnog.net] <b>On

Behalf Of </b>Skeeve Stevens<br>

<b>Sent:</b> Monday, 23 February 2009 4:00 AM<br>

<b>To:</b> ausnog@lists.ausnog.net; NZNOG@list.waikato.ac.nz<br>

<b>Subject:</b> [AusNOG] Interesting - How a Router's Missed Range Check Nearly

Crashed the Internet<o:p></o:p></span></p>

</div>

</div>

<p class=MsoNormal style='margin-left:36.0pt'><o:p> </o:p></p>

<div>

<p class=MsoNormal style='margin-left:36.0pt'><span style='font-size:10.0pt;

font-family:"Calibri","sans-serif";color:#002060'>From the front page of

Slashdot:</span><span style='font-size:10.0pt;font-family:"Calibri","sans-serif"'><o:p></o:p></span></p>

</div>

<div>

<p class=MsoNormal style='margin-left:36.0pt'><span style='font-size:10.0pt;

font-family:"Calibri","sans-serif";color:#002060'> </span><span

style='font-size:10.0pt;font-family:"Calibri","sans-serif"'><o:p></o:p></span></p>

</div>

<div>

<p class=MsoNormal style='margin-left:36.0pt'><span style='font-size:10.0pt;

font-family:"Calibri","sans-serif";color:#002060'> </span><span

style='font-size:10.0pt;font-family:"Calibri","sans-serif"'><o:p></o:p></span></p>

</div>

<div>

<p class=MsoNormal style='margin-left:36.0pt'><span style='font-size:10.0pt;

font-family:"Calibri","sans-serif";color:#002060'>Barlaam writes "A bug by

router vendor A (omitting a range check from a critical field in the

configuration interface) tickled a bug from router vendor B (dropping BGP

sessions when processing some ASPATH attributes with length very close to 256),

causing a ripple effect that caused widespread global routing instability last

week. The flaw lay dormant until one of vendor A's systems was deployed in an

autonomous system whose ASN, modulo 256, was greater than 250. At that point,

the Internet was one typo away from disaster. Other router vendors, who were

not affected by the bug, happily propagated the trigger message to every

vulnerable system on the planet in about 30 seconds. Few people appreciate how

fragile and unsecured the Internet's trust-based critical infrastructure really

is — this is just the latest example." Vendor A, in this case, is a

Latvian router vendor called MikroTik.</span><span style='font-size:10.0pt;

font-family:"Calibri","sans-serif"'><o:p></o:p></span></p>

</div>

<div>

<p class=MsoNormal style='margin-left:36.0pt'><span style='font-size:10.0pt;

font-family:"Calibri","sans-serif";color:#002060'> </span><span

style='font-size:10.0pt;font-family:"Calibri","sans-serif"'><o:p></o:p></span></p>

</div>

<div>

<p class=MsoNormal style='margin-left:36.0pt'><span style='font-size:10.0pt;

font-family:"Calibri","sans-serif";color:#002060'> </span><span

style='font-size:10.0pt;font-family:"Calibri","sans-serif"'><o:p></o:p></span></p>

</div>

<div>

<p class=MsoNormal style='margin-left:36.0pt'><span style='font-size:10.0pt;

font-family:"Calibri","sans-serif";color:#002060'>Is this just the 4byte ASN

thing from months ago or something new?</span><span style='font-size:10.0pt;

font-family:"Calibri","sans-serif"'><o:p></o:p></span></p>

</div>

<div>

<p class=MsoNormal style='margin-left:36.0pt'><span style='font-size:10.0pt;

font-family:"Calibri","sans-serif";color:#002060'> </span><span

style='font-size:10.0pt;font-family:"Calibri","sans-serif"'><o:p></o:p></span></p>

</div>

<div>

<p class=MsoNormal style='margin-left:36.0pt'><span style='font-size:10.0pt;

font-family:"Calibri","sans-serif";color:#002060'>I knew there was a reason I

hated Mikrotik’s so much.</span><span style='font-size:10.0pt;font-family:"Calibri","sans-serif"'><o:p></o:p></span></p>

</div>

<div>

<p class=MsoNormal style='margin-left:36.0pt'><span style='font-size:10.0pt;

font-family:"Calibri","sans-serif";color:#002060'> </span><span

style='font-size:10.0pt;font-family:"Calibri","sans-serif"'><o:p></o:p></span></p>

</div>

<div>

<p class=MsoNormal style='margin-left:36.0pt'><span style='font-size:10.0pt;

font-family:"Calibri","sans-serif";color:#002060'>--</span><span

style='font-size:10.0pt;font-family:"Calibri","sans-serif"'><o:p></o:p></span></p>

</div>

<div>

<p class=MsoNormal style='margin-left:36.0pt'><span style='font-size:10.0pt;

font-family:"Calibri","sans-serif";color:#002060'>Skeeve Stevens, CEO/Technical

Director</span><span style='font-size:10.0pt;font-family:"Calibri","sans-serif"'><o:p></o:p></span></p>

</div>

<div>

<p class=MsoNormal style='margin-left:36.0pt'><span style='font-size:10.0pt;

font-family:"Calibri","sans-serif";color:#002060'>eintellego Pty Ltd - The

Networking Specialists</span><span style='font-size:10.0pt;font-family:"Calibri","sans-serif"'><o:p></o:p></span></p>

</div>

<div>

<p class=MsoNormal style='margin-left:36.0pt'><span style='font-size:10.0pt;

font-family:"Calibri","sans-serif";color:#002060'>skeeve@eintellego.net / <a

href="http://www.eintellego.net">www.eintellego.net</a></span><span

style='font-size:10.0pt;font-family:"Calibri","sans-serif"'><o:p></o:p></span></p>

</div>

<div>

<p class=MsoNormal style='margin-left:36.0pt'><span style='font-size:10.0pt;

font-family:"Calibri","sans-serif";color:#002060'>Phone: 1300 753 383, Fax:

(+612) 8572 9954</span><span style='font-size:10.0pt;font-family:"Calibri","sans-serif"'><o:p></o:p></span></p>

</div>

<div>

<p class=MsoNormal style='margin-left:36.0pt'><span style='font-size:10.0pt;

font-family:"Calibri","sans-serif";color:#002060'>Cell +61 (0)414 753 383 /

skype://skeeve</span><span style='font-size:10.0pt;font-family:"Calibri","sans-serif"'><o:p></o:p></span></p>

</div>

<div>

<p class=MsoNormal style='margin-left:36.0pt'><span style='font-size:10.0pt;

font-family:"Calibri","sans-serif";color:#002060'>--</span><span

style='font-size:10.0pt;font-family:"Calibri","sans-serif"'><o:p></o:p></span></p>

</div>

<div>

<p class=MsoNormal style='margin-left:36.0pt'><span style='font-size:10.0pt;

font-family:"Calibri","sans-serif";color:#002060'>NOC, NOC, who's there?</span><span

style='font-size:10.0pt;font-family:"Calibri","sans-serif"'><o:p></o:p></span></p>

</div>

<div>

<p class=MsoNormal style='margin-left:36.0pt'><span style='font-size:10.0pt;

font-family:"Calibri","sans-serif";color:#002060'> </span><span

style='font-size:10.0pt;font-family:"Calibri","sans-serif"'><o:p></o:p></span></p>

</div>

<div>

<p class=MsoNormal style='margin-left:36.0pt'><span style='font-size:7.5pt;

font-family:"Calibri","sans-serif";color:#002060'>Disclaimer: Limits of

Liability and Disclaimer: This message is for the named person's use only. It

may contain sensitive and private proprietary or legally privileged

information. You must not, directly or indirectly, use, disclose, distribute,

print, or copy any part of this message if you are not the intended recipient.

eintellego Pty Ltd and each legal entity in the Tefilah Pty Ltd group of

companies reserve the right to monitor all e-mail communications through its

networks.  Any views expressed in this message are those of the individual

sender, except where the message states otherwise and the sender is authorised

to state them to be the views of any such entity. Any reference to costs, fee

quotations, contractual transactions and variations to contract terms is

subject to separate confirmation in writing signed by an authorised

representative of eintellego. Whilst all efforts are made to safeguard inbound

and outbound e-mails, we cannot guarantee that attachments are virus-free or compatible

with your systems and do not accept any liability in respect of viruses or

computer problems experienced.</span><span style='font-size:10.0pt;font-family:

"Calibri","sans-serif"'><o:p></o:p></span></p>

</div>

<div>

<p class=MsoNormal style='margin-left:36.0pt'><span style='font-size:7.5pt;

font-family:"Calibri","sans-serif";color:#002060'> </span><span

style='font-size:10.0pt;font-family:"Calibri","sans-serif"'><o:p></o:p></span></p>

</div>

<div>

<p class=MsoNormal style='margin-left:36.0pt'><span style='font-size:10.0pt;

font-family:"Calibri","sans-serif"'> <o:p></o:p></span></p>

</div>

<div>

<p class=MsoNormal style='margin-left:36.0pt'><span style='font-size:10.0pt;

font-family:"Calibri","sans-serif"'> <o:p></o:p></span></p>

</div>

</div>

</body>

</html>