nanog mailing list archives
Re: Spectrum prefix hijacks
From: Christopher Morrow <morrowc.lists () gmail com>
Date: Tue, 2 Jan 2018 21:30:47 -0500
it looks like 203040 is a pure transit as (no originated prefixes) and 1103 - surfnet could squish what is your view anyway. On Tue, Jan 2, 2018 at 9:29 PM, Christopher Morrow <morrowc.lists () gmail com> wrote:
On Tue, Jan 2, 2018 at 8:50 PM, James Milko <jmilko () gmail com> wrote:Not sure if anyone from Spectrum is looking here at this hour, but someone is hijacking a few of your prefixes. It's causing problems in my area (NC) with reaching Google services. I'm sure there are other impacts, but that's what people are noticing. Sorry if this hits the list twice, I sent it from the wrong e-mail address the first go round. * 107.12.0.0/16 193.0.0.56 0 3333 1103 203040 10512 i *> 103.247.3.45 0 58511 203040 10512 i * 107.13.0.0/16 193.0.0.56 0 3333 1103 203040 10512 i *> 103.247.3.45 0 58511 203040 10512 i * 107.14.0.0/16 193.0.0.56 0 3333 1103 203040 10512 i Network Next Hop Metric LocPrf Weight Path *> 103.247.3.45 0 58511 203040 10512 i * 107.15.0.0/16 193.0.0.56 0 3333 1103 203040 10512 i * 103.247.3.45 0 58511 203040 10512 iE-Forex you say? shocker: AS | BGP IPv4 Prefix | AS Name 10512 | 102.164.0.0/16 | EFOREX-AS - E-FOREX, US 10512 | 102.194.0.0/16 | EFOREX-AS - E-FOREX, US 10512 | 103.116.0.0/16 | EFOREX-AS - E-FOREX, US 10512 | 106.128.0.0/16 | EFOREX-AS - E-FOREX, US 10512 | 106.129.0.0/16 | EFOREX-AS - E-FOREX, US 10512 | 106.130.0.0/16 | EFOREX-AS - E-FOREX, US 10512 | 106.131.0.0/16 | EFOREX-AS - E-FOREX, US 10512 | 107.12.0.0/16 | EFOREX-AS - E-FOREX, US 10512 | 107.13.0.0/16 | EFOREX-AS - E-FOREX, US 10512 | 107.14.0.0/16 | EFOREX-AS - E-FOREX, US 10512 | 107.15.0.0/16 | EFOREX-AS - E-FOREX, US 10512 | 14.5.0.0/16 | EFOREX-AS - E-FOREX, US 10512 | 147.17.0.0/16 | EFOREX-AS - E-FOREX, US 10512 | 180.237.0.0/16 | EFOREX-AS - E-FOREX, US 10512 | 42.183.0.0/16 | EFOREX-AS - E-FOREX, US 10512 | 42.185.0.0/16 | EFOREX-AS - E-FOREX, US 10512 | 42.186.0.0/16 | EFOREX-AS - E-FOREX, US 10512 | 42.187.0.0/16 | EFOREX-AS - E-FOREX, US 10512 | 42.188.0.0/16 | EFOREX-AS - E-FOREX, US 10512 | 42.189.0.0/16 | EFOREX-AS - E-FOREX, US 10512 | 42.190.0.0/16 | EFOREX-AS - E-FOREX, US 10512 | 42.191.0.0/16 | EFOREX-AS - E-FOREX, US 10512 | 42.192.0.0/16 | EFOREX-AS - E-FOREX, US 10512 | 42.193.0.0/16 | EFOREX-AS - E-FOREX, US 10512 | 42.194.0.0/16 | EFOREX-AS - E-FOREX, US 10512 | 42.195.0.0/16 | EFOREX-AS - E-FOREX, US I'm going to guess they are hijacking a bunch of space and sending spam? (the 42/8 space is variously telecom malaysia and china unicom) the 102 space is un-allocated afrnic space... probably no good these folk are up to.
Current thread:
- Spectrum prefix hijacks James Milko (Jan 02)
- Re: Spectrum prefix hijacks Christopher Morrow (Jan 02)
- Re: Spectrum prefix hijacks Christopher Morrow (Jan 02)
- Re: Spectrum prefix hijacks James Milko (Jan 02)
- Re: Spectrum prefix hijacks Christopher Morrow (Jan 02)
- Re: Spectrum prefix hijacks Christopher Morrow (Jan 02)
- Re: Spectrum prefix hijacks Christopher Morrow (Jan 02)