220.127.116.11 -- Harmless mis-route or potential exploit?
morrowc.lists at gmail.com
Wed Sep 3 09:00:41 CDT 2008
On Wed, Sep 3, 2008 at 8:48 AM, <bmanning at vacation.karoshi.com> wrote:
> On Tue, Sep 02, 2008 at 10:08:10PM -0400, Christopher Morrow wrote:
>> On 9/2/08, Todd Underwood <todd-nanog at renesys.com> wrote:
>> > checking our current data, that block is not currently routed by any
>> > of our peers over the last month (i would assume ripe ris and
>> > routeviews report similar data, but i did not check them.
>> it's also probably worth stating that parts of 198.32/16 are never
>> routed anywhere on the Internet (here comes bill to tell me 'who's
>> Internet?' .....). Some is in use on private networks, some is in use
>> at exchange points and not routed outside the immediate peers.
> grump... ok... "who's internet"?
there he is!!! :) (thanks for restoring my faith in... humanity)
>> Most times, as I recall, epnet does a decent job of keeping the whois
>> data or rdns data updated though, for things in use. (though possibly
>> not for private uses)
> rdns moreso that whois...
18.104.22.168 == AS-20144-has-not-REGISTERED-the-use-of-this-prefix.
More information about the NANOG