I am not sure how many on the list are Legacy resource holders from before the RIR's were established, but there is an extremely short sighted security practice that is being used across the internet.
Apparently, the RIR that has been given "authority" for an IP prefix range that was a legacy assignment is being used as a geographical locator for those prefixes. For instance, we provide access for several /16's that are in the 150/8 prefix that was set as APNIC. I am aware of quite a few organizations in the US that have prefixes in that range. We have registered our legacy resources with ARIN, but there are some people insist that somehow the state of Missouri must be part of China because... "APNIC!". They set firewalls and access rules based on that, and are hard pressed to not fix them. Is there any way to raise awareness to this inconsistency so that security people will stop doing this? Shannon Spurling shan...@more.net
