[139245] in North American Network Operators' Group
Re: HIJACKED: 148.163.0.0/16 -- WTF? Level3 is now doing IP
daemon@ATHENA.MIT.EDU (Christopher Morrow)
Thu Mar 31 05:50:49 2011
In-Reply-To: <AANLkTi=vuNfq_ntPFL7-caPWX2LM=ui5O0GjcU7NVteH@mail.gmail.com>
Date: Thu, 31 Mar 2011 11:49:53 +0200
From: Christopher Morrow <morrowc.lists@gmail.com>
To: Owen DeLong <owen@delong.com>
Cc: "nanog@nanog.org" <nanog@nanog.org>, Brandon Ross <bross@pobox.com>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Thu, Mar 31, 2011 at 11:48 AM, Christopher Morrow
<morrowc.lists@gmail.com> wrote:
> On Thu, Mar 31, 2011 at 7:57 AM, Owen DeLong <owen@delong.com> wrote:
>>
>> On Mar 30, 2011, at 10:26 PM, Suresh Ramasubramanian wrote:
>>
>>> It also needs
>>>
>>> 1. Someone to complain to law enforcement
>>>
>> True,
>
> as has been brought up in the past here... some folk rely heavily upon
> IRR data for route prefix filtering. if the object is in the IRR
> database (with the right linkages), it gets permitted in router
> filters automagically.
I forgot:
$ whois -h whois.radb.net 148.163.0.0
route: 148.163.0.0/16
descr: /16 for Celanese
origin: AS13767
mnt-by: DBANK-MNT
changed: jpope@databank.com 20090818
source: LEVEL3
(this means l3 proxy'd in the record, I think... maybe an L3 person
can speak to this bit?)
> -chris
> (being able to validate 'ownership', really authorization to route,
> automatically will sure be nice, eh?)
>
