Hijacked Network Ranges

Grant Ridder shortdudey123 at gmail.com
Tue Jan 31 12:19:02 CST 2012


Hi,

What is keeping you from advertising a more specific route (i.e /25's)?

-Grant

On Tue, Jan 31, 2012 at 12:00 PM, Kelvin Williams <kwilliams at altuscgi.com>wrote:

> Greetings all.
>
> We've been in a 12+ hour ordeal requesting that AS19181 (Cavecreek Internet
> Exchange) immediately filter out network blocks that are being advertised
> by ASAS33611 (SBJ Media, LLC) who provided to them a forged LOA.
>
> The routes for networks: 208.110.48.0/20, 63.246.112.0/20, and
> 68.66.112.0/20 are registered in various IRRs all as having an origin AS
> 11325 (ours), and are directly allocated to us.
>
> The malicious hijacking is being announced as /24s therefore making route
> selection pick them.
>
> Our customers and services have been impaired.  Does anyone have any
> contacts for anyone at Cavecreek that would actually take a look at ARINs
> WHOIS, and IRRs so the networks can be restored and our services back in
> operation?
>
> Additionally, does anyone have any suggestion for mitigating in the
> interim?  Since we can't announce as /25s and IRRs are apparently a pipe
> dream.
>
> --
> Kelvin Williams
> Sr. Service Delivery Engineer
> Broadband & Carrier Services
> Altus Communications Group, Inc.
>
>
> "If you only have a hammer, you tend to see every problem as a nail." --
> Abraham Maslow
>


More information about the NANOG mailing list