HIJACKED: 148.163.0.0/16 -- WTF? Level3 is now doing IP hijacking??

• Previous message (by thread): HIJACKED: 148.163.0.0/16 -- WTF? Level3 is now doing IP hijacking??
• Next message (by thread): HIJACKED: 148.163.0.0/16 -- WTF? Level3 is now doing IP hijacking??
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

I don't believe this record indicates that Level3 proxy registered the route
object.
It means that someone used the DBANK-MNT maintainer ID in the Level3 RR to
enter a route object 18 months ago.

It looks like Level3 is originating the route in AS3356, not accepting it
from AS13767 (which is what the object would suggest to do.)

Oops, looks like the route is now gone.  Guess it got cleaned.

Tony

On Thu, Mar 31, 2011 at 5:49 AM, Christopher Morrow <morrowc.lists at gmail.com
> wrote:

>
> I forgot:
> $ whois -h whois.radb.net 148.163.0.0
> route:         148.163.0.0/16
> descr:         /16 for Celanese
> origin:        AS13767
> mnt-by:        DBANK-MNT
> changed:       jpope at databank.com 20090818
> source:        LEVEL3
>
> (this means l3 proxy'd in the record, I think... maybe an L3 person
> can speak to this bit?)
>
> > -chris
> > (being able to validate 'ownership', really authorization to route,
> > automatically will sure be nice, eh?)
> >
>
>

• Previous message (by thread): HIJACKED: 148.163.0.0/16 -- WTF? Level3 is now doing IP hijacking??
• Next message (by thread): HIJACKED: 148.163.0.0/16 -- WTF? Level3 is now doing IP hijacking??
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]