[#135346] Unauthorized BGP Announcements (follow up to Hijacked Networks)

Wed Feb 1 01:26:38 UTC 2012

Curious, What was the outcome of this?

In any case, I'm hoping the major Tier-1s do the right thing and filter the
rogue annoucements, while allowing the OP's.  Hopefully after enough
pressure and dysfunction, they will give it up.

On Tue, Jan 31, 2012 at 6:15 PM, David Conrad <drc at virtualized.org> wrote:

> > I hope none of you ever get hijacked by a spammer housed at Phoenix NAP.
>  :)
>
> In the dim past, I had a somewhat similar situation:
>
> - A largish (national telco of a small country) ISP started announcing
> address space a customer of theirs provided.  Unfortunately, the address
> space wasn't the ISP's customer's to provide.
> - When the ISP was notified by both their RIR and the organization to
> which the address space was rightfully delegated, the ISP's response was:
>
> "We have a contractual relationship with our customer to announce that
> space.  We have neither a contractual relationship (in this context) with
> the RIR nor the RIR's customer.  The RIR and/or the RIR's customer should
> resolve this issue with our customer."
>
> It as an eye-opening experience.
>
> Regards,
> -drc
>
> On Jan 31, 2012, at 4:49 PM, Kelvin Williams wrote:
>
> >
> > We're still not out of the woods, announcing /24s and working with upper
> > tier carriers to filter out our lists.  However, I just got this response
> > from Phoenix NAP and found it funny.  The "thief" is a former customer,
> > whom we terminated their agreement with.  They then forged an LOA,
> > submitted it to CWIE.net and Phoenix NAP and resumed using space above
> and
> > beyond their terminated agreement.  So now any request for assistance to
> > stop our networks from being announced is now responded to with an
> > instruction to contact the thief's lawyer.
> >
> > kw
> >
> > ---------- Forwarded message ----------
> > From: Kelvin Williams <kwilliams at altuscgi.com>
> > Date: Tue, Jan 31, 2012 at 7:43 PM
> > Subject: Re: [#135346] Unauthorized BGP Announcements
> > To: noc at phoenixnap.com
> >
> >
> > We'll be forwarding this to our peers in the industry--rather funny that
> > Phoenix NAP would rather send us to the attorney of the people stealing
> our
> > space than bothering to perform an ARIN WHOIS search, or querying any of
> > the IRRs.
> >
> > Interesting...  Very interesting...  So, who all do you have
> > there--spammers and child pornographers?  Is this level of protection
> what
> > you give to them all?
> >
> >
> >
> > On Tue, Jan 31, 2012 at 7:30 PM, Brandon S <BrandonS at phoenixnap.com>
> wrote:
> >
> >> Hello,
> >>
> >> Thank you for your email. Please direct any further questions regarding
> >> this issue to the following contact.
> >>
> >> Bennet Kelley
> >> 100 Wilshire Blvd.
> >> Suite 950
> >> Santa Monica, CA 90401
> >> bkelley at internetlawcenter.net
> >>
> >> Telephone
> >> 310-452-0401
> >>
> >> Facsimile
> >> 702-924-8740
> >>
> >> --
> >> Brandon S.
> >> NOC Services Technician
> >>
> >> ** We want to hear from you!**
> >> We care about the quality of our service. If you’ve received
> >> anything less than a prompt response or exceptional service or would
> like
> >> to share any
> >> feedback regarding your experience, please let us know by sending an
> email
> >> to management:
> >> supportfeedback at phoenixnap.com
> >>
> >> --
> > Kelvin Williams
> > Sr. Service Delivery Engineer
> > Broadband & Carrier Services
> > Altus Communications Group, Inc.
> >
> >
> > "If you only have a hammer, you tend to see every problem as a nail." --
> > Abraham Maslow
>
>
>