HIJACKED: 148.163.0.0/16 -- WTF? Level3 is now doing IP hijacking??

Christopher Morrow morrowc.lists at gmail.com
Thu Mar 31 04:49:53 CDT 2011


On Thu, Mar 31, 2011 at 11:48 AM, Christopher Morrow
<morrowc.lists at gmail.com> wrote:
> On Thu, Mar 31, 2011 at 7:57 AM, Owen DeLong <owen at delong.com> wrote:
>>
>> On Mar 30, 2011, at 10:26 PM, Suresh Ramasubramanian wrote:
>>
>>> It also needs
>>>
>>> 1. Someone to complain to law enforcement
>>>
>> True,
>
> as has been brought up in the past here... some folk rely heavily upon
> IRR data for route prefix filtering. if the object is in the IRR
> database (with the right linkages), it gets permitted in router
> filters automagically.

I forgot:
$ whois -h whois.radb.net 148.163.0.0
route:         148.163.0.0/16
descr:         /16 for Celanese
origin:        AS13767
mnt-by:        DBANK-MNT
changed:       jpope at databank.com 20090818
source:        LEVEL3

(this means l3 proxy'd in the record, I think... maybe an L3 person
can speak to this bit?)

> -chris
> (being able to validate 'ownership', really authorization to route,
> automatically will sure be nice, eh?)
>




More information about the NANOG mailing list