[139232] in North American Network Operators' Group
Re: HIJACKED: 148.163.0.0/16 -- WTF? Level3 is now doing IP
daemon@ATHENA.MIT.EDU (Brandon Ross)
Thu Mar 31 00:05:42 2011
Date: Thu, 31 Mar 2011 00:00:15 -0400 (EDT)
From: Brandon Ross <bross@pobox.com>
To: "Ronald F. Guilmette" <rfg@tristatelogic.com>
In-Reply-To: <36496.1301541975@tristatelogic.com>
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Wed, 30 Mar 2011, Ronald F. Guilmette wrote:
> So that _really_ begs the question... Why did Circle Internet and (apparently)
> Level3's customer, BANDCON, blindly accept _any_ sort of assertion that the
> crook who hijacked these two /16s had the right to use them?
What makes you think it was blind? The standard industry practice is to
ask someone requesting to announce a route for a letter on the owner's
letter head authorizing the announcement. Is it really that hard to
invent some letterhead and sign a letter?
It's probably one of the easiest to circumvent "security" procedures ever.
Frankly it's a giant waste of time and does nothing other than frustrate
legitimate work.
--
Brandon Ross AIM: BrandonNRoss
ICQ: 2269442
Skype: brandonross Yahoo: BrandonNRoss
