Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


Is your provider taking extra measure against bgp hijacking?
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

Is your provider taking extra measure against bgp hijacking?

Really nice tool that you can check with if your provider has rpki enabled!

Is your provider using rpki?

https://isbgpsafeyet.com/

Thanked by 1virtua_cloud

Comments

  • JordJord Moderator, Host Rep

    Prem ISP

  • jackbjackb Member, Host Rep
    edited April 2020

    @Jord said:
    Prem ISP

    Doesn't surprise me that Plusnet fail. They store user account passwords in plain text deliberately.

    If you want to verify, call them up. They'll ask you for 3 characters from it.

  • JordJord Moderator, Host Rep
    edited April 2020

    @jackb said:

    @Jord said:
    Prem ISP

    Doesn't surprise me that Plusnet fail. They store user account passwords in plain text deliberately.

    If you want to verify, call them up. They'll ask you for 3 characters from it.

    EE fails too, a lot of them do. So does Three.

  • jackbjackb Member, Host Rep

    @Jord said:

    @jackb said:

    @Jord said:
    Prem ISP

    Doesn't surprise me that Plusnet fail. They store user account passwords in plain text deliberately.

    If you want to verify, call them up. They'll ask you for 3 characters from it.

    EE fails too, a lot of them do. So does Three.

    Sky do too. I think Plusnet is the only one of the above that does passwords in plain text.

  • JordJord Moderator, Host Rep
    edited April 2020

    @jackb said:

    @Jord said:

    @jackb said:

    @Jord said:
    Prem ISP

    Doesn't surprise me that Plusnet fail. They store user account passwords in plain text deliberately.

    If you want to verify, call them up. They'll ask you for 3 characters from it.

    EE fails too, a lot of them do. So does Three.

    Sky do too. I think Plusnet is the only one of the above that does passwords in plain text.

    So does Zen. Yeah, I know they ask me for the 2 characters when I verify.

    Saying that, least it's not like Virgin Media who leak like 900,000 customers records from a Marketing Database just online.

  • RazzaRazza Member
    edited April 2020

    TalkTalks fails too, I don't think you will find many home or mobile isp that uses rpki anyway.

  • jackbjackb Member, Host Rep

    @Jord s
    So does Zen. Yeah, I know they ask me for the 2 characters when I verify.

    Saying that, least it's not like Virgin Media who leak like 900,000 customers records from a Marketing Database just online.

    That's a shame. Zen were my next candidate when my current deal with sky runs out.

  • The only UK ISP I'd ever trust again is Andrews & Arnold. Not the cheapest but rock solid, customer oriented and very secure. I have no axe to grind, just a customer and they don't do affiliates. They're not the cheapest but after years with first Zen then Plusnet (the worst of the two by far) I think A&A are worth the extra.

  • JordJord Moderator, Host Rep

    @jackb said:

    @Jord s
    So does Zen. Yeah, I know they ask me for the 2 characters when I verify.

    Saying that, least it's not like Virgin Media who leak like 900,000 customers records from a Marketing Database just online.

    That's a shame. Zen were my next candidate when my current deal with sky runs out.

    Like @Razza said you are going to find it hard to find a home ISP who uses RPKI. They are all going to be the same. I have access to Plusnet, Sky, Zen, TalkTalk Business and a few more and they all come back failed.

    It doesn't affect anything so go with Zen. They've been great to us so I would highly recommend them.

  • jackbjackb Member, Host Rep

    @Jord said:

    @jackb said:

    @Jord s
    So does Zen. Yeah, I know they ask me for the 2 characters when I verify.

    Saying that, least it's not like Virgin Media who leak like 900,000 customers records from a Marketing Database just online.

    That's a shame. Zen were my next candidate when my current deal with sky runs out.

    Like @Razza said you are going to find it hard to find a home ISP who uses RPKI. They are all going to be the same. I have access to Plusnet, Sky, Zen, TalkTalk Business and a few more and they all come back failed.

    It doesn't affect anything so go with Zen. They've been great to us so I would highly recommend them.

    Oh I thought you meant Zen were storing passwords in plain text too.

    ^ UK home ISP's, except the good guy is AAISP and costs a bomb.

  • JordJord Moderator, Host Rep

    jackb said: Oh I thought you meant Zen were storing passwords in plain text too.

    I haven't rung them for a good few years (haven't needed too) but from what I can remember they only asked for my name and address. I can't remember giving them a password.

    Thanked by 1jackb
  • JordJord Moderator, Host Rep

    dominame said: but after years with first Zen then Plusnet (the worst of the two by far)

    Zen is a customers line, never had a problem with it and good sync speeds. It's been running now for 3 years. I haven't had to ring them once for any issues.

    Plusnet is my home connection, never had a problem with them either. I never had to contact them for any issues either.

    I would highly recommend them to anyone.

  • dfroedfroe Member, Host Rep

    By the way just to clarify the small difference, this test is not about whether rPKI is enabled for IP subnets of a provider but to test whether rPKI validation is done when importing routes via BGP.

    The results are absolutely expected for me.

    1. Implementing rPKI validation is work, costs time and money not only to implement but also to maintain.
    2. If just one little thing is done wrong, let it be a mistake in rPKI validation or simply a incorrect rPKI configuration by the owner of the subnet, this will result in unreachability of that subnet.
    3. If a customer cannot access something from ISP A (doing rPKI validation because someone else messed up the ROA) but it works with ISP B (not caring about rPKI), he will most likely blame A.
    4. 3 is much more likely to happen compared to a customer leaving his ISP because of unimplemented rPKI validation.

    Seen from the point of view of an ISP whose most important goal is to maximize profit, what is the reason why their should implement rPKI validation.

    Fortunatelly this does not apply to all providers - but from my experience to the majority of them.

    Thanked by 1FHR
  • RazzaRazza Member

    I've tested all the hosting provider that I currently use the only that seems to use rPki is online.net.

  • debaserdebaser Member
    edited April 2020

    Nope, but I was expecting this after reading @dfroe’s post.

Sign In or Register to comment.