[125065] in North American Network Operators' Group
Re: BGP hijack from 23724 -> 4134 China?
daemon@ATHENA.MIT.EDU (Brielle Bruns)
Thu Apr 8 16:43:44 2010
Date: Thu, 08 Apr 2010 14:36:19 -0600
From: Brielle Bruns <bruns@2mbit.com>
To: nanog@nanog.org
In-Reply-To: <4BBE3B2A.7070901@west.net>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On 4/8/10 2:23 PM, Jay Hennigan wrote:
> We just got Cyclops alerts showing several of our prefixes sourced from
> AS23474 propagating through AS4134. Anyone else?
>
> aut-num: AS23724
> as-name: CHINANET-IDC-BJ-AP
> descr: IDC, China Telecommunications Corporation
> country: CN
>
> aut-num: AS4134
> as-name: CHINANET-BACKBONE
> descr: No.31,Jin-rong Street
> descr: Beijing
> descr: 100032
> country: CN
>
> --
> Jay Hennigan - CCIE #7880 - Network Engineering - jay@impulse.net
> Impulse Internet Service - http://www.impulse.net/
> Your local telephone and internet company - 805 884-6323 - WB6RDV
>
I'm starting to wonder if someone is 'testing the waters' in China to
see what they can get away with. I hate to be like this, but there's a
reason why I have all of China filtered on my routers.
Amazing how much SSH hammering, spam, and other nastiness went away
within minutes of the filtering going in place.
There comes a point where 'accidental' and 'isolated incident' become
"we no care" and "spam not illegal". And no, i'm not quoting that to
mock, but rather repeat exactly what admins in China send to me in
response to abuse reports and blocking in the AHBL.
--
Brielle Bruns
The Summit Open Source Development Group
http://www.sosdg.org / http://www.ahbl.org
