YouTube IP Hijacking
Tomas L. Byrnes
tomb at byrneit.net
Mon Feb 25 17:37:26 UTC 2008
This is a very interesting site. However, I notice that, in the "all in
the last 24 hours" it doesn't show the YouTube hijack. It does have a
lot of entries for 17557, most recently on 2/17.
How reliable is this system?
> -----Original Message-----
> From: owner-nanog at merit.edu [mailto:owner-nanog at merit.edu] On
> Behalf Of Hank Nussbacher
> Sent: Sunday, February 24, 2008 11:33 PM
> To: Steven M. Bellovin; nanog at merit.edu
> Subject: Re: YouTube IP Hijacking
>
>
> At 05:31 AM 25-02-08 +0000, Steven M. Bellovin wrote:
>
> >Seriously -- a number of us have been warning that this could happen.
> >More precisely, we've been warning that this could happen
> *again*; we
> >all know about many older incidents, from the barely noticed to the
> >very noisy. (AS 7007, anyone?) Something like S-BGP will
> stop this cold.
> >
> >Yes, I know there are serious deployment and operational
> issues. The
> >question is this: when is the pain from routing incidents
> great enough
> >that we're forced to act? It would have been nice to have done
> >something before this, since now all the world's script kiddies have
> >seen what can be done.
>
> "we've been warning that this could happen *again*" - this is
> happening every day - just look to:
> http://cs.unm.edu/~karlinjf/IAR/prefix.php?filter=most
> http://cs.unm.edu/~karlinjf/IAR/subprefix.php?filter=most
> for samples. Thing is - these prefix hijacks are not big
> ticket sites like Youtube or Microsoft or Cisco or even
> whitehouse.gov - but rather just sites that never make it
> onto the NANOG radar.
>
> -Hank
>
>
>
>
More information about the NANOG
mailing list