odd hijack
steve at telecomplete.co.uk
steve at telecomplete.co.uk
Fri Nov 10 11:01:02 UTC 2006
the preso link is below, you didnt read it yet.. :)
you can hijack any address space providing your route is preferred either because it is more specific, less specific, shorter as-path..
Steve
On Thu, Nov 09, 2006 at 10:59:20PM -0700, Josh Karlin wrote:
>
> Wouldn't they want to hijack more specifics to spam? I doubt much of
> that space is going to correctly route for spamming purposes.
>
> On 11/9/06, Hank Nussbacher <hank at efes.iucc.ac.il> wrote:
> >
> >On Thu, 9 Nov 2006, Josh Karlin wrote:
> >
> >> Here is one that is somewhat the opposite, the AS announced a
> >> significant portion of IANA allocated space. Note, they are large
> >> blocks and as such probably did not cause much damage because most
> >> networks announce more specifics. My question to the community is,
> >> what kind of misconfiguration could cause this set of prefixes to be
> >> announced? I asked the AS responsible, but have not had a response.
> >
> >Misconfiguration? :-) That's a nice word for spammer. See Joe's PPT at:
> >http://www.uoregon.edu/~joe/maawg8/maawg8.ppt
> >
> >AS29449 is not the problem. It is the upstreams of AS5602 (KPNQwest
> >Italia) and AS286 (KPN) that let this crap leak.
> >
> >-Hank Nussbacher
> >http://www.interall.co.il
> >
> >
--
Stephen J. Wilcox
BSc (Hons). CCIE #10730
Technical Director, Telecomplete
http://www.telecomplete.co.uk/
More information about the NANOG
mailing list