Amprnet? (was Re: [anti-abuse-wg] Yet another BGP hijacking towards AS16509)

[Ellenor Agnes Bjornsdottir <large.hadron.collider () gmx com>]

Wasn't 44/8 the space for AMPRNet?

I looked it up and they sold part of it to Amazon. Ok. Got it.

Possible that a potential highjack could be a good faith radio ham who
hasn't somehow been updated on the sale of that space? Or more likely to
be a malicious highjack?

On 8/23/22 02:05, Siyuan Miao wrote:
> Amazon was only announcing 44.224.0.0/11 <http://44.224.0.0/11> at first.
>
> https://bgp.tools/prefix/44.235.216.0/24
>
> On Tue, Aug 23, 2022 at 4:03 AM Ronald F. Guilmette
> <rfg () tristatelogic com> wrote:
>
>     In message
>     <CAO3CAMoT9gC_Evd-CcZg06A-o_MajmLtxLHbXFnauDoMyqoSYg () mail gmail com>,
>     Siyuan Miao <siyuan () misaka io> wrote:
>
>     >Hjacking didn't last too long. AWS started announcing a more specific
>     >announcement to prevent hijacking around 3 hours later. Kudos to
>     Amazon's
>     >security team :-)
>
>     Sorry.  I'm missing something here.  If the hijack was of
>     44.235.216.0/24 <http://44.235.216.0/24>, then
>     how did AWS propagate a "more specific" than that?
>
>
>     Regards,
>     rfg
>
>     --
>
>     To unsubscribe from this mailing list, get a password reminder, or
>     change your subscription options, please visit:
>     https://lists.ripe.net/mailman/listinfo/anti-abuse-wg