[139236] in North American Network Operators' Group
Re: HIJACKED: 148.163.0.0/16 -- WTF? Level3 is now doing IP
daemon@ATHENA.MIT.EDU (Owen DeLong)
Thu Mar 31 01:12:55 2011
In-Reply-To: <33835.1301522364@tristatelogic.com>
From: Owen DeLong <owen@delong.com>
Date: Thu, 31 Mar 2011 00:11:33 -0500
To: "Ronald F. Guilmette" <rfg@tristatelogic.com>
Cc: "nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
Ronald...
Cleaning up the routing, true.
However, this sounds like there are two issues...
1. Routing -- Would be nice if the advertising provider(s) stopped doi=
ng so.
Not something ARIN can really do much about.
2. Database -- Sounds like the existing resource holder may not still b=
e using
the resource or may no longer exist. In either case, it's worth hav=
ing ARIN
investigate the situation and take appropriate database action if t=
hat is the case.
Owen
Sent from my iPad
On Mar 30, 2011, at 4:59 PM, "Ronald F. Guilmette" <rfg@tristatelogic.com> w=
rote:
>=20
> In message <BE8C4985-F955-4868-8145-146E57BBF639@pch.net>,=20
> Bill Woodcock <woody@pch.net> wrote:
>=20
>> On Mar 30, 2011, at 1:58 PM, Ronald F. Guilmette wrote:
>>> As I already mentioned, 159.223.0.0/16, which is actually registered =3D=
>> to
>>> the Hoechst Celanese Corporation, has quite obviously been hijacked
>>=20
>> And have you reported this to ARIN?
>=20
> No. Why would I?
>=20
> The ARIN folks have already made it abundantly clear... to me and to other=
s...
> that this sort of thing is "Not our job, man."
>=20
> ARIN maintains a data base. If other people elect to ignore what's in tha=
t
> data base... well... as anybody from ARIN will be only too happy to tell y=
ou,
> they are not the routing police.
>=20
>=20
> Regards,
> rfg
