nanog mailing list archives

Re: Revealed: The Internet's well known BGP behavior

From: "Patrick W. Gilmore" <patrick () ianai net>
Date: Thu, 28 Aug 2008 08:01:25 -0400

On Aug 28, 2008, at 6:25 AM, Suresh Ramasubramanian wrote:

Most of the spammer acquired /16s have been

1. pre arin

2. caused by buying up assets of long defunct companies .. assets that
just happen to include a /16 nobody knew about

Not exactly hijacks this lot .. just like those "barely legal" teenmags.

There have been tons of spam runs I have seen from "hijacked" blockswere simply announcing an unused block or a de-agg of a used block,sending spam for a few minutes / hours / days, and stopping theannouncement.

This does not require special techniques, just an upstream willing toaccept & propagate your announcement. Alex & Anthony's preso is aboutintercepting legit traffic, not sending illegitimate traffic.


--
TTFN,
patrick

On Thu, Aug 28, 2008 at 2:28 PM, Gadi Evron <ge () linuxbox org> wrote:

People (especially spammers) have been hijacking networks for awhile now,
maybe now that we have a presentation to whore around, operators can
pressure vendors and bosses.

Current thread:

Re: Revealed: The Internet's well known BGP behavior, (continued)
- - - Re: Revealed: The Internet's well known BGP behavior Patrick W. Gilmore (Aug 27)
    - RE: Revealed: The Internet's well known BGP behavior michael.dillon (Aug 28)
    - RE: Revealed: The Internet's well known BGP behavior michael.dillon (Aug 28)
    - Re: Revealed: The Internet's well known BGP behavior Patrick Giagnocavo (Aug 27)
    - Message not available
    - RE: Revealed: The Internet's well known BGP behavior Hank Nussbacher (Aug 27)
    - RE: Revealed: The Internet's well known BGP behavior Jon Lewis (Aug 27)
    - Re: Revealed: The Internet's well known BGP behavior Eric Spaeth (Aug 27)
    - Re: Revealed: The Internet's well known BGP behavior Colin Alston (Aug 27)
  - Re: Revealed: The Internet's well known BGP behavior Gadi Evron (Aug 28)
    - Re: Revealed: The Internet's well known BGP behavior Suresh Ramasubramanian (Aug 28)
    - Re: Revealed: The Internet's well known BGP behavior Patrick W. Gilmore (Aug 28)
    - Re: Revealed: The Internet's well known BGP behavior Anton Kapela (Aug 28)
    - Re: Revealed: The Internet's well known BGP behavior Steven M. Bellovin (Aug 28)
    - Re: Revealed: The Internet's well known BGP behavior Joe Greco (Aug 28)
    - Re: Revealed: The Internet's well known BGP behavior Randy Bush (Aug 28)
    - Re: Revealed: The Internet's well known BGP behavior Gadi Evron (Aug 28)
    - Re: Revealed: The Internet's well known BGP behavior Alex Pilosov (Aug 28)
    - Re: Revealed: The Internet's well known BGP behavior Deepak Jain (Aug 28)
    - Re: Revealed: The Internet's well known BGP behavior Danny McPherson (Aug 28)
    - Re: Revealed: The Internet's well known BGP behavior Florian Weimer (Aug 29)
    - Re: Revealed: The Internet's well known BGP behavior jim deleskie (Aug 29)

(Thread continues...)