[130140] in North American Network Operators' Group
AS10392 -- Hijacked?
daemon@ATHENA.MIT.EDU (Ronald F. Guilmette)
Wed Sep 29 07:56:45 2010
To: nanog@nanog.org
Date: Wed, 29 Sep 2010 04:56:34 -0700
From: "Ronald F. Guilmette" <rfg@tristatelogic.com>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
Evidence strongly suggests that AS10392 together with all of the IPv4
space it is currently announcing routes for, i.e.:
192.171.64.0/19
204.137.224.0/19
205.164.0.0/20
205.164.16.0/20
205.164.32.0/20
205.164.48.0/20
have all been hijacked. I will be reporting this formally to ARIN today,
via their helpful fraud reporting web form.
In the meantime, while this case is being carefully adjudicated by ARIN,
some folks may wish to blackhole the above. (The IP space appears to be
in use by some sort of snowshoe spamming operation.)
Regards,
rfg
P.S. Connectivity for AS10392 appears to come from only one place:
http://www.robtex.com/as/as10392.html#graph
