BGP hijack from 23724 -> 4134 China?
Beavis
pfunix at gmail.com
Fri Apr 9 00:29:07 UTC 2010
Is it possible for you to share that filter list you have for china?
im getting bogged down by those ssh-bruts as well coming in from
china.
-B
On Thu, Apr 8, 2010 at 2:36 PM, Brielle Bruns <bruns at 2mbit.com> wrote:
> On 4/8/10 2:23 PM, Jay Hennigan wrote:
>>
>> We just got Cyclops alerts showing several of our prefixes sourced from
>> AS23474 propagating through AS4134. Anyone else?
>>
>> aut-num: AS23724
>> as-name: CHINANET-IDC-BJ-AP
>> descr: IDC, China Telecommunications Corporation
>> country: CN
>>
>> aut-num: AS4134
>> as-name: CHINANET-BACKBONE
>> descr: No.31,Jin-rong Street
>> descr: Beijing
>> descr: 100032
>> country: CN
>>
>> --
>> Jay Hennigan - CCIE #7880 - Network Engineering - jay at impulse.net
>> Impulse Internet Service - http://www.impulse.net/
>> Your local telephone and internet company - 805 884-6323 - WB6RDV
>>
>
> I'm starting to wonder if someone is 'testing the waters' in China to see
> what they can get away with. I hate to be like this, but there's a reason
> why I have all of China filtered on my routers.
>
> Amazing how much SSH hammering, spam, and other nastiness went away within
> minutes of the filtering going in place.
>
> There comes a point where 'accidental' and 'isolated incident' become "we no
> care" and "spam not illegal". And no, i'm not quoting that to mock, but
> rather repeat exactly what admins in China send to me in response to abuse
> reports and blocking in the AHBL.
>
> --
> Brielle Bruns
> The Summit Open Source Development Group
> http://www.sosdg.org / http://www.ahbl.org
>
>
--
() ascii ribbon campaign - against html e-mail
/\ www.asciiribbon.org - against proprietary attachments
More information about the NANOG
mailing list