-- PLEASE NOTE: If you are replying to this, consider pruning the list
-- of cc's rather than crossposting replies wildly! Thanks.
The LINX and several of its members have recently had to take action
against an ISP that was using GRE tunneling between exchange points
to appropriate the capacity of other ISPs.
Although the offending party is now unlikely to repeat this abuse,
we feel that this is an important vulnerabilty which could
potentially be newly exploited by others elsewhere. We have created
an advisory which describes details of the vulnerability, and how to
detect and prevent it.
This advisory can be found at http://www.linx.net/tunnel-advisory.txt
Any questions are best referred to the authors listed in the
advisory text.
I would like to gratefully acknowledge the efforts of Lyndon
Levesley and Alex Bligh at GX Networks among others in tracking down
the abuse and creating this document.
Keith Mitchell
Chairman
London InterNet Exchange keith@linx.org
Geneva House, 3 Park Road
Peterborough PE1 2UX
United Kingdom
Phone: +44 1733 705000 (fax 353929)
Paul