[#135346] Unauthorized BGP Announcements (follow up to Hijacked Networks)

Wed Feb 1 01:31:03 UTC 2012

We started announcing /24s, combined with the shorter path it seems to be
fine.

Still jumping through hoops upstream.
On Jan 31, 2012 8:26 PM, "PC" <paul4004 at gmail.com> wrote:

> Curious, What was the outcome of this?
>
> In any case, I'm hoping the major Tier-1s do the right thing and filter
> the rogue annoucements, while allowing the OP's.  Hopefully after enough
> pressure and dysfunction, they will give it up.
>
> On Tue, Jan 31, 2012 at 6:15 PM, David Conrad <drc at virtualized.org> wrote:
>
>> > I hope none of you ever get hijacked by a spammer housed at Phoenix
>> NAP.  :)
>>
>> In the dim past, I had a somewhat similar situation:
>>
>> - A largish (national telco of a small country) ISP started announcing
>> address space a customer of theirs provided.  Unfortunately, the address
>> space wasn't the ISP's customer's to provide.
>> - When the ISP was notified by both their RIR and the organization to
>> which the address space was rightfully delegated, the ISP's response was:
>>
>> "We have a contractual relationship with our customer to announce that
>> space.  We have neither a contractual relationship (in this context) with
>> the RIR nor the RIR's customer.  The RIR and/or the RIR's customer should
>> resolve this issue with our customer."
>>
>> It as an eye-opening experience.
>>
>> Regards,
>> -drc
>>
>> On Jan 31, 2012, at 4:49 PM, Kelvin Williams wrote:
>>
>> >
>> > We're still not out of the woods, announcing /24s and working with upper
>> > tier carriers to filter out our lists.  However, I just got this
>> response
>> > from Phoenix NAP and found it funny.  The "thief" is a former customer,
>> > whom we terminated their agreement with.  They then forged an LOA,
>> > submitted it to CWIE.net and Phoenix NAP and resumed using space above
>> and
>> > beyond their terminated agreement.  So now any request for assistance to
>> > stop our networks from being announced is now responded to with an
>> > instruction to contact the thief's lawyer.
>> >
>> > kw
>> >
>> > ---------- Forwarded message ----------
>> > From: Kelvin Williams <kwilliams at altuscgi.com>
>> > Date: Tue, Jan 31, 2012 at 7:43 PM
>> > Subject: Re: [#135346] Unauthorized BGP Announcements
>> > To: noc at phoenixnap.com
>> >
>> >
>> > We'll be forwarding this to our peers in the industry--rather funny that
>> > Phoenix NAP would rather send us to the attorney of the people stealing
>> our
>> > space than bothering to perform an ARIN WHOIS search, or querying any of
>> > the IRRs.
>> >
>> > Interesting...  Very interesting...  So, who all do you have
>> > there--spammers and child pornographers?  Is this level of protection
>> what
>> > you give to them all?
>> >
>> >
>> >
>> > On Tue, Jan 31, 2012 at 7:30 PM, Brandon S <BrandonS at phoenixnap.com>
>> wrote:
>> >
>> >> Hello,
>> >>
>> >> Thank you for your email. Please direct any further questions regarding
>> >> this issue to the following contact.
>> >>
>> >> Bennet Kelley
>> >> 100 Wilshire Blvd.
>> >> Suite 950
>> >> Santa Monica, CA 90401
>> >> bkelley at internetlawcenter.net
>> >>
>> >> Telephone
>> >> 310-452-0401
>> >>
>> >> Facsimile
>> >> 702-924-8740
>> >>
>> >> --
>> >> Brandon S.
>> >> NOC Services Technician
>> >>
>> >> ** We want to hear from you!**
>> >> We care about the quality of our service. If you’ve received
>> >> anything less than a prompt response or exceptional service or would
>> like
>> >> to share any
>> >> feedback regarding your experience, please let us know by sending an
>> email
>> >> to management:
>> >> supportfeedback at phoenixnap.com
>> >>
>> >> --
>> > Kelvin Williams
>> > Sr. Service Delivery Engineer
>> > Broadband & Carrier Services
>> > Altus Communications Group, Inc.
>> >
>> >
>> > "If you only have a hammer, you tend to see every problem as a nail." --
>> > Abraham Maslow
>>
>>
>>
>