Potential Prefix Hijack

Nuno Vieira - nfsi telecom nuno.vieira at nfsi.pt
Tue Nov 11 14:01:29 UTC 2008


That's not true, as not all our prefixes were hijacked nor leaked, since they were originating them.  If they were leaking them you might be able to see further AS's on the AS-PATH, incluiding the legitimate AS for originating those prefixes.

My point here is also about peers and upstreams to set properly filter or max-prefix settings to avoid those nasty things.

Am i seeing things in a blur way ?  or this is supposed to happen as wind flows ?

regards,
---
Nuno Vieira
nfsi telecom, lda.

nuno.vieira at nfsi.pt
Tel. (+351) 21 949 2300 - Fax (+351) 21 949 2301
http://www.nfsi.pt/



----- "Raymond Dijkxhoorn" <raymond at prolocation.net> wrote:

> Hi!
> 
> > We were hijacked aswell, by 27664 16735
> >
> > Our affected prefixes were:
> >
> > 94.46.0.0/16
> > 194.88.142.0/23
> > 194.11.23.0/24
> > 82.102.0.0/18
> > 195.246.238.0/23
> > 194.107.127.0/24
> > 81.92.192.0/19
> > 193.227.238.0/23
> >
> > We are trying to contact them in order to get some feedback, and
> some good explanation for this.
> 
> The obviously were leaking full routing, are we all gonna annnounce
> 'my 
> prefix was in there also?'
> 
> Bye,
> Raymond.




More information about the NANOG mailing list