Hijacking machine: ASAS201640 / AS200002

• Previous message (by thread): Comcast throttling?
• Next message (by thread): Hijacking machine: ASAS201640 / AS200002
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

I don't routinely follow this list, so I'm not sure how much of this is
common knowledge already, but...

  http://blogs.cisco.com/security/talos/help-my-ip-address-has-been-hijacked/

Current route announcements for AS201640:

36.0.56.0/21      probable hijack - China
41.92.206.0/23    probable hijack - Cameroon
41.198.80.0/20    probable hijack - South Africa
41.198.224.0/20   probable hijack - South Africa
61.242.128.0/19   probable hijack - China
119.227.224.0/19  probable hijack - India
123.29.96.0/19    probable hijack - Vietnam
177.22.117.0/24   probable hijack - Brazil
187.189.158.0/23  probable hijack - Mexico
202.39.112.0/20   probable hijack - Taiwan Network Information Center
210.57.0.0/19     probable hijack - Telstra/Japan

It would appear that AS201640 may possibly exist at the present time
only for the purpose of providing illicitly obtained IP space for
spammers, including but not limited to the ""Mike Prescott" mentioned
in the Cisco blog entry cited above.

The spammer, "Mike Prescott"... not his real last name... has also been
spotted spewing from IP space routed by AS200002, which is AS201640's
only connection to the rest of the world.

Coincidence?  You be the judge.


Regards,
rfg


P.S.  If anybody is able to look up _all_ of the route announcements
that have been made by AS201640 over the past few months, I for one would
definitely like to see those.  Please e-mail them to me off list.  I
already know that "Mike Prescott" has been spewing from at least one
of the above current announcements (202.39.112.0/20) and probably all
of the others too.  But there are additional route announcements that
have already been withdrawn, and I'd like to check those for "Mike
Prescott" footprints also.

P.P.S.  To the real "Mike P."... on the off chance that he might see
this... You can run, but you don't hide very well.  You should have
gotten out of the game in 1998 when you had the chance.  Maybe the
Powers That Be will lock you up this time.

• Previous message (by thread): Comcast throttling?
• Next message (by thread): Hijacking machine: ASAS201640 / AS200002
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]