Hijacked IP space.

• Previous message (by thread): Hijacked IP space.
• Next message (by thread): Hijacked IP space.
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Jamie Reid writes on 11/4/2003 12:54 AM:

> Are they taking advantage of sloppy redistribution configurations, 0wning
> routers, spoofing OSPF updates,  taking advantage of default static
> routes, or is there something more complicated at work? 

Sometimes as simple as social engineering - a company goes out of 
business, but still has a /16 allocated to it.  So what happens is that 
some fake letterheads get typed up (and possibly the company name 
re-registered "under new management), and a request for routing these 
blocks goes out ...

Then you get (say) a T1 from some random ISP, and then get them to 
announce the /16.

	srs

-- 
srs (postmaster|suresh)@outblaze.com // gpg : EDEDEFB9
manager, outblaze.com security and antispam operations

• Previous message (by thread): Hijacked IP space.
• Next message (by thread): Hijacked IP space.
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]