[109206] in North American Network Operators' Group
Re: Potential Prefix Hijack
daemon@ATHENA.MIT.EDU (Raymond Dijkxhoorn)
Tue Nov 11 07:52:51 2008
Date: Tue, 11 Nov 2008 13:52:37 +0100 (CET)
From: Raymond Dijkxhoorn <raymond@prolocation.net>
To: "Tuc at T-B-O-H.NET" <ml@t-b-o-h.net>
In-Reply-To: <200811111248.mABCmM01013216@himinbjorg.tucs-beachin-obx-house.com>
Cc: nanog@nanog.org
Errors-To: nanog-bounces@nanog.org
Hi!
>>> 94.46.0.0/16
>>> 194.88.142.0/23
>>> 194.11.23.0/24
>>> 82.102.0.0/18
>>> 195.246.238.0/23
>>> 194.107.127.0/24
>>> 81.92.192.0/19
>>> 193.227.238.0/23
>>>
>>> We are trying to contact them in order to get some feedback, and some good explanation for this.
>> The obviously were leaking full routing, are we all gonna annnounce 'my
>> prefix was in there also?'
> ACTUALLY............ They didn't hijack ALL my netblocks... I have 3. One was completely
> untouched, 1 was only hijacked by 1 site, and the last was hijacked by 2 different sites. :)
So their router had most likely a hard time and stuff was flapping, i see
something like that in the BGPLay output also.
Bye,
Raymond.
