an IP hijacking attempt

• Previous message (by thread): an IP hijacking attempt
• Next message (by thread): an IP hijacking attempt
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi Daniel,


> 
> Tracing it back to the originator of the route is of course a good first step.

Yes, we have done that and the results were not good.
The company that created the LOA is registered in the Seychelles and they have IPs that were/are being revoked by Afrinic
remarks:        * * * * * * * * * * * * * * * * * * * * * * * * *
remarks:        *                                               *
remarks:        *      This IP prefix will be reclaimed and     *
remarks:        *      returned to the free pool by AFRINIC     *
remarks:        *             on the 5th March 2021.            *
remarks:        *                                               *
remarks:        *     For more information, please contact      *
remarks:        *       AFRINIC at hostmaster at afrinic.net       *
remarks:        *                                               *
remarks:        * * * * * * * * * * * * * * * * * * * * * * * * *

> 
> I would send an FYI to the RIR that allocated the prefix; preferably after the
> initial investigation established that it was not a genuine mistake. In that
> message I would make very clear if any action is requested from the RIR or
> not. If it is just an FYI the RIR will take note of it, watch for trends and take it
> into account before doing anything with the registration.
> 
> Just what I would do.

Thanks for the Advice, I will do so



Brian 

• Previous message (by thread): an IP hijacking attempt
• Next message (by thread): an IP hijacking attempt
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]