[52503] in North American Network Operators' Group
Re: Hunting for bogus BGP announcement for 204.106.93.155
daemon@ATHENA.MIT.EDU (David G. Andersen)
Thu Oct 3 13:05:09 2002
Date: Thu, 3 Oct 2002 13:02:44 -0400
From: "David G. Andersen" <dga@lcs.mit.edu>
To: Jesper Skriver <jesper@skriver.dk>, Michael.Dillon@radianz.com,
nanog@merit.edu
Mail-Followup-To: "David G. Andersen" <dga@lcs.mit.edu>,
Jesper Skriver <jesper@skriver.dk>, Michael.Dillon@radianz.com,
nanog@merit.edu
In-Reply-To: <20021003164853.GC85590@skriver.dk>
Errors-To: owner-nanog-outgoing@merit.edu
On Thu, Oct 03, 2002 at 06:48:53PM +0200, Jesper Skriver mooed:
>
> On Thu, Oct 03, 2002 at 04:35:45PM +0100, Michael.Dillon@radianz.com
> wrote:
>
> > For the last two days, between approximately 7pm to 2am Eastern
> > time, a spammer hijacked a piece of our address space, presumably
> > by announcing some size of aggregate containing the IP address
> > 204.106.93.155. During the time that the spammer had connectivity
> > using this bogus announcement,
>
> RIS didn't pick anything up
Nor did our BGP monitors, nor our db of Routeviews.
http://bgp.lcs.mit.edu/
Interestingly, we se _no_ announcements of any netblock containing
this address, ever. I assume you haven't brought this address space
on-line yet?
-Dave
--
work: dga@lcs.mit.edu me: dga@pobox.com
MIT Laboratory for Computer Science http://www.angio.net/
I do not accept unsolicited commercial email. Do not spam me.
