[109192] in North American Network Operators' Group
Re: Potential Prefix Hijack
daemon@ATHENA.MIT.EDU (Network Fortius)
Mon Nov 10 22:32:20 2008
Date: Mon, 10 Nov 2008 21:32:06 -0600
From: "Network Fortius" <netfortius@gmail.com>
To: "nanog@nanog.org" <nanog@nanog.org>
In-Reply-To: <200811111054.09473.mtinka@globaltransit.net>
Errors-To: nanog-bounces@nanog.org
Same problems here, for AS26028
Stefan
On Mon, Nov 10, 2008 at 8:54 PM, Mark Tinka <mtinka@globaltransit.net>wrote=
:
> Hi all.
>
> Anyone know how we can contact AS16735 and their upstream
> AS27664. We think they are hijacking a number of our
> prefixes (AS24218- and AS17992-originated). Thanks BGPmon:
>
> e.g.,
>
> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
> Possible Prefix Hijack (Code: 11)
> 1 number of peer(s) detected this updates for your prefix
> 61.11.208.0/20:
> Update details: 2008-11-11 02:24 (UTC)
> 61.11.208.0/20
> Announced by: AS16735 (Companhia de Telecomunicacoes do
> Brasil Central)
> Transit AS: 27664 (CTBC Multim=EDdia)
> ASpath: 27664 16735
> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
>
> RIPE's RIS BGPlay confirms the same, for about the last
> hour.
>
> E-mails to them won't get there (of course), so our NOC are
> contacting them via Gmail/Yahoo.
>
> All help appreciated.
>
> Cheers,
>
> Mark.
>
