[109205] in North American Network Operators' Group
Re: Potential Prefix Hijack
daemon@ATHENA.MIT.EDU (Tuc at T-B-O-H.NET)
Tue Nov 11 07:48:47 2008
From: "Tuc at T-B-O-H.NET" <ml@t-b-o-h.net>
To: raymond@prolocation.net (Raymond Dijkxhoorn)
Date: Tue, 11 Nov 2008 07:48:22 -0500 (EST)
In-Reply-To: <alpine.LFD.2.00.0811111338090.25419@control.prolocation.net>
Cc: nanog@nanog.org
Errors-To: nanog-bounces@nanog.org
>
> Hi!
>
> > We were hijacked aswell, by 27664 16735
> >
> > Our affected prefixes were:
> >
> > 94.46.0.0/16
> > 194.88.142.0/23
> > 194.11.23.0/24
> > 82.102.0.0/18
> > 195.246.238.0/23
> > 194.107.127.0/24
> > 81.92.192.0/19
> > 193.227.238.0/23
> >
> > We are trying to contact them in order to get some feedback, and some good explanation for this.
>
> The obviously were leaking full routing, are we all gonna annnounce 'my
> prefix was in there also?'
>
ACTUALLY............ They didn't hijack ALL my netblocks... I have 3. One was completely
untouched, 1 was only hijacked by 1 site, and the last was hijacked by 2 different sites. :)
Tuc
