[149277] in North American Network Operators' Group
Re: Hijacked Network Ranges
daemon@ATHENA.MIT.EDU (John Schneider)
Tue Jan 31 20:34:47 2012
From: John Schneider <str8steelerfan@gmail.com>
Date: Tue, 31 Jan 2012 19:33:35 -0600
To: Kelvin Williams <kwilliams@altuscgi.com>
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
Another interesting thing that I noticed, is that AS33611 is not
advertising any prefixes other than yours. Either they do not have any of
their own (unlikely)
or they are advertising their own legitimate prefixes from another AS
however I doubt that is the case. It sounds like you were able to verify
that this is indeed
a malicious attack. If that is truly the case, I would certainly be in
contact with your lawyers as this is certainly causing you financial loss
and since it is easily
verifiable, you would have a solid case i would think. I am no attorney
but it seems like a no-brainer to me.
So, it does look like you are finally announcing your prefixes as a /24 and
that most traffic is again coming to your AS. that probably helped quite a
bit right?
Regards,
John
