Re: Potential Prefix Hijack

• From: Nuno Vieira - nfsi telecom
• Date: Tue Nov 11 09:04:28 2008

• List-archive: <http://mailman.nanog.org/pipermail/nanog>
• List-help: <mailto:[email protected]?subject=help>
• List-id: North American Network Operators Group <nanog.nanog.org>
• List-post: <mailto:[email protected]>
• List-subscribe: <http://mailman.nanog.org/mailman/listinfo/nanog>, <mailto:[email protected]?subject=subscribe>
• List-unsubscribe: <http://mailman.nanog.org/mailman/listinfo/nanog>, <mailto:[email protected]?subject=unsubscribe>

That's not true, as not all our prefixes were hijacked nor leaked, since they were originating them.  If they were leaking them you might be able to see further AS's on the AS-PATH, incluiding the legitimate AS for originating those prefixes.

My point here is also about peers and upstreams to set properly filter or max-prefix settings to avoid those nasty things.

Am i seeing things in a blur way ?  or this is supposed to happen as wind flows ?

regards,
---
Nuno Vieira
nfsi telecom, lda.

[email protected]
Tel. (+351) 21 949 2300 - Fax (+351) 21 949 2301
http://www.nfsi.pt/



----- "Raymond Dijkxhoorn" <[email protected]> wrote:

> Hi!
> 
> > We were hijacked aswell, by 27664 16735
> >
> > Our affected prefixes were:
> >
> > 94.46.0.0/16
> > 194.88.142.0/23
> > 194.11.23.0/24
> > 82.102.0.0/18
> > 195.246.238.0/23
> > 194.107.127.0/24
> > 81.92.192.0/19
> > 193.227.238.0/23
> >
> > We are trying to contact them in order to get some feedback, and
> some good explanation for this.
> 
> The obviously were leaking full routing, are we all gonna annnounce
> 'my 
> prefix was in there also?'
> 
> Bye,
> Raymond.

• Follow-Ups:
  • Re: Potential Prefix Hijack Raymond Dijkxhoorn

• References:
  • Re: Potential Prefix Hijack Raymond Dijkxhoorn

• Prev by Date: Re: Potential Prefix Hijack
• Next by Date: Re: Potential Prefix Hijack
• Date Index
• Thread Index
• Author Index
• Historical