nanog mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Potential Prefix Hijack

From: "Paul Kelly :: Blacknight" <paul () blacknight com>
Date: Tue, 11 Nov 2008 11:53:23 +0000
We too saw this issue.

2008-11-11 01:56:36 GMT they took over one of our /20's ...

Paul Kelly
Technical Director
Blacknight Internet Solutions ltd
Hosting, Colocation, Dedicated servers
IP Transit Services
Tel: +353 (0) 59 9183072
Lo-call: 1850 929 929
DDI: +353 (0) 59 9183091

e-mail: paul () blacknight ie
web: http://www.blacknight.ie

Blacknight Internet Solutions Ltd,
Unit 12A,Barrowside Business Park,
Sleaty Road,
Graiguecullen,
Carlow,
Ireland

Company No.: 370845



-----Original Message-----
From: Mark Tinka [mailto:mtinka () globaltransit net]
Sent: Tuesday, November 11, 2008 2:54 AM
To: nanog () nanog org
Subject: Potential Prefix Hijack

Hi all.

Anyone know how we can contact AS16735 and their upstream
AS27664. We think they are hijacking a number of our
prefixes (AS24218- and AS17992-originated). Thanks BGPmon:

e.g.,

====================
Possible Prefix Hijack (Code: 11)
1 number of peer(s) detected this updates for your prefix
61.11.208.0/20:
Update details: 2008-11-11 02:24 (UTC)
61.11.208.0/20
Announced by: AS16735 (Companhia de Telecomunicacoes do
Brasil Central)
Transit AS: 27664 (CTBC Multimdia)
ASpath: 27664 16735
=====================

RIPE's RIS BGPlay confirms the same, for about the last
hour.

E-mails to them won't get there (of course), so our NOC are
contacting them via Gmail/Yahoo.

All help appreciated.

Cheers,

Mark.
Previous By Date Next
Previous By Thread Next

Current thread: