community real-time BGP hijack notification service (fwd)

Avi Freedman freedman at
Fri Sep 12 09:50:43 CDT 2008

Hi, Arnaud.  The design is to only watch the origin ASN, not the other
ASNs in the path.  Support for doing something with the transit portion
wof the AS_PATH will be added, probably a very simple "alert if X is
in there" or "alert if Y is not in there".

As others have said it's imperfect so ideas are welcome but the goal
here is to try to keep it useful but simple.



> Date: Fri, 12 Sep 2008 14:18:58 +0200
> From: Arnaud de Prelle <arnaud at>
> To: Gadi Evron <ge at>
> Cc: nanog at
> Subject: Re: community real-time BGP hijack notification service
> Hello Gadi,
> Gadi Evron wrote:
> > Hi, WatchMy.Net is a new community service to alert you when your prefix
> > has been hijacked, in real-time.
> Very good initiative. You can count on me as one of your users.
> Note that apparently it doesn't seem to be working as expected yet.
> Indeed I already received two false alerts:
> 1.
> Subject:
> BGP Alert - seeing {, 6450 3737 701 702 43751}
> Body:
> Hello, we are seeing being advertised with aspath 6450
> 3737 701 702 43751.
> We are alerting you because of the rule you set that is watching for
> prefixes that match or are more specific than, and are
> originated with any origin AS other than one of 702,6661,8220

More information about the NANOG mailing list