Hijacked Network Ranges

Kelvin Williams kwilliams at altuscgi.com
Tue Jan 31 18:22:59 UTC 2012

Upstream requirements. Additionally, I don't believe it would do us any
good. If they're announcing /24 now, why would they not announce a /25.
On Jan 31, 2012 1:19 PM, "Grant Ridder" <shortdudey123 at gmail.com> wrote:

> Hi,
> What is keeping you from advertising a more specific route (i.e /25's)?
> -Grant
> On Tue, Jan 31, 2012 at 12:00 PM, Kelvin Williams <kwilliams at altuscgi.com>wrote:
>> Greetings all.
>> We've been in a 12+ hour ordeal requesting that AS19181 (Cavecreek
>> Internet
>> Exchange) immediately filter out network blocks that are being advertised
>> by ASAS33611 (SBJ Media, LLC) who provided to them a forged LOA.
>> The routes for networks:,, and
>> are registered in various IRRs all as having an origin AS
>> 11325 (ours), and are directly allocated to us.
>> The malicious hijacking is being announced as /24s therefore making route
>> selection pick them.
>> Our customers and services have been impaired.  Does anyone have any
>> contacts for anyone at Cavecreek that would actually take a look at ARINs
>> WHOIS, and IRRs so the networks can be restored and our services back in
>> operation?
>> Additionally, does anyone have any suggestion for mitigating in the
>> interim?  Since we can't announce as /25s and IRRs are apparently a pipe
>> dream.
>> --
>> Kelvin Williams
>> Sr. Service Delivery Engineer
>> Broadband & Carrier Services
>> Altus Communications Group, Inc.
>> "If you only have a hammer, you tend to see every problem as a nail." --
>> Abraham Maslow

More information about the NANOG mailing list