North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: odd hijack

  • From: Josh Karlin
  • Date: Fri Nov 10 11:28:28 2006
  • Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=beta;; h=received:message-id:date:from:sender:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references:x-google-sender-auth; b=nL9TIR1EYwU2oqBTyHjR2gd0ZHeTHLPakwiLlxkI2Bgu8nIcNoQirjHlealkCzHY/hPpqgmXg4Y11t0sZij6eNQwFLT+new8HteDVcrSvzTNGdlgVUc5nySP27g+oE6jvGcGSVKKFzLKEV1eWTlWe1/8LwvZ5VVs+ilWJK/Pg2s=

> Wouldn't they want to hijack more specifics to spam?

no.  see nick feamster's work, and the lightning talk i proxied
for him in dallas.

Right, you might want to announce less specifics so that you go
unnoticed and then you can spam from blocks not in use.  I'm just
somewhat surprised that they would announce /3's, /6's, and /7's and
be so incredibly obvious about it rather than actually be covert and
just announce a few more specifics that likely noone would notice.

But I guess at this point they're still not being caught so why worry.