resolving prefix hijacks (was Re: Prefix hijacking by Michael Lindsay via Internap)
Jon Lewis
jlewis at lewis.org
Sun Aug 21 19:22:03 UTC 2011
On Sun, 21 Aug 2011, Ken Chase wrote:
> That said, what is the de jure responce when a prefix is hijacked? Does
> anyone have a 'best practices' guide? I am sure some of the most effective
> vs legal practices are not in fact concomittant.
It doesn't hurt to complain/announce about it here and various other NOGs.
Spamhaus, SORBS, and possibly other DNSBLs might, if they buy the case,
decide to list the space until the dispute is resolved, especially if its
being used for spamming operations.
But resolution is going to have to come from communications between the
"owner", the relevant RIR, and the transit provider(s) (or possibly their
transit providers) providing service to the hijacker.
The RIRs can't stop anyone from announcing routes...but I suspect any
legitimate NSP when approached by ARIN, RIPE, APNIC, etc. and told that
routes they're propagating for a customer are hijacked, will accede to the
opionion of the RIR.
----------------------------------------------------------------------
Jon Lewis, MCP :) | I route
Senior Network Engineer | therefore you are
Atlantic Net |
_________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
More information about the NANOG
mailing list