BGP hijack: 64.68.207.0/24 from as133955

Theodore Baschak theodore at ciscodude.net
Wed Oct 4 15:29:55 CST 2017


I noticed when I looked into both of these leaks 3 hours after Clinton's
message yesterday that I couldn't see them in any of the looking glasses I
was looking in (including the NLNOG looking glass)

Looks like things were able to be cleaned up very quickly.



Theodore Baschak - AS395089 - Hextet Systems
https://bgp.guru/ - https://hextet.net/
http://mbix.ca/ - http://mbnog.ca/




On Tue, Oct 3, 2017 at 6:29 PM, Clinton Work <clinton at scripty.com> wrote:

> TELUS AS852 has three address blocks hijacked by AS133955 as well.   We
> have not been able to get in contact with AS24155.  It looks like they
> are buying transit from PCCW AS3491 and Taiwan Internet Gateway AS9505.
>
> 68.182.255.0/24
> 74.49.255.0/24
> 96.1.255.0/24
>
>
> On Tue, Oct 3, 2017, at 10:30 AM, Mark Jeftovic wrote:
> >
> > as133955 is broadcasting bogus BGP announcement for our netblock
> > 64.68.207.0/24
> >
> > It's in China, and we're trying to contact as24155 but they are also in
> > China and we're just emailing their whois record address.
> >
> > If you're nearby and in a position to block/dampen that might be helpful.
> >
> > Thx
> >
> > - mark
> >
> > --
> > Mark Jeftovic <markjr at easydns.com>
> > Founder & CEO, easyDNS Technologies Inc.
> > http://www.easyDNS.com
> >
> >
>


More information about the NANOG mailing list