nanog mailing list archives
Re: 192.208.19.0/24 hijack transiting 209, 286, 3320, 5511, 6461, 6762, 6830, 8220, 9002, 12956
From: Job Snijders <job () ntt net>
Date: Fri, 4 Jan 2019 11:21:32 +0300
Dear all, NTT / AS 2914 deployed explicit filters to block this BGP announcement from AS 4134. I recommend other operators to do the same. I’d also like to recommend AS 32982 to remove the AS_PATH prepend on the /24 announcement so the counter measure is more effective. Kind regards, Job On Fri, Jan 4, 2019 at 1:02 Dominik Bay <db () rrbone net> wrote:
I see the follwowing ASN transiting a leak concerning 192.208.19.0/24 originated by 4812 209 286 3320 5400 5511 6327 6461 6762 6830 8218 8220 8447 8551 9002 12956 The proper source is 32982 (Department of Energy). More details to be found here: https://bgpstream.com/event/171779 And here: http://lg.ring.nlnog.net/prefix_detail/lg01/ipv4?q=192.208.19.0 Cheers, Dominik
Current thread:
- 192.208.19.0/24 hijack transiting 209, 286, 3320, 5511, 6461, 6762, 6830, 8220, 9002, 12956 Dominik Bay (Jan 03)
- Re: 192.208.19.0/24 hijack transiting 209, 286, 3320, 5511, 6461, 6762, 6830, 8220, 9002, 12956 Jeff Shultz (Jan 03)
- Re: 192.208.19.0/24 hijack transiting 209, 286, 3320, 5511, 6461, 6762, 6830, 8220, 9002, 12956 Job Snijders (Jan 04)
- (FIXED) Re: 192.208.19.0/24 hijack transiting 209, 286, 3320, 5511, 6461, 6762, 6830, 8220, 9002, 12956 Dominik Bay (Jan 04)