[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

192.208.19.0/24 hijack transiting 209, 286, 3320, 5511, 6461, 6762, 6830, 8220, 9002, 12956

Subject: 192.208.19.0/24 hijack transiting 209, 286, 3320, 5511, 6461, 6762, 6830, 8220, 9002, 12956
From: job at ntt.net (Job Snijders)
Date: Fri, 4 Jan 2019 11:21:32 +0300
In-reply-to: <[email protected]>
References: <[email protected]>

Dear all,

NTT / AS 2914 deployed explicit filters to block this BGP announcement from
AS 4134. I recommend other operators to do the same.

Iâ??d also like to recommend AS 32982 to remove the AS_PATH prepend on the
/24 announcement so the counter measure is more effective.

Kind regards,

Job

On Fri, Jan 4, 2019 at 1:02 Dominik Bay <db at rrbone.net> wrote:

>  I see the follwowing ASN transiting a leak concerning 192.208.19.0/24
> originated by 4812
>
> 209
> 286
> 3320
> 5400
> 5511
> 6327
> 6461
> 6762
> 6830
> 8218
> 8220
> 8447
> 8551
> 9002
> 12956
>
> The proper source is 32982 (Department of Energy).
> More details to be found here: https://bgpstream.com/event/171779
> And here: http://lg.ring.nlnog.net/prefix_detail/lg01/ipv4?q=192.208.19.0
>
> Cheers,
> Dominik
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20190104/0c84b757/attachment.html>

References:
- 192.208.19.0/24 hijack transiting 209, 286, 3320, 5511, 6461, 6762, 6830, 8220, 9002, 12956
  - From: db at rrbone.net (Dominik Bay)

Prev by Date: Cellular backup connections
Next by Date: Changing upstream providers, opinions/thoughts on 123.net and cogent
Previous by thread: 192.208.19.0/24 hijack transiting 209, 286, 3320, 5511, 6461, 6762, 6830, 8220, 9002, 12956
Next by thread: (FIXED) Re: 192.208.19.0/24 hijack transiting 209, 286, 3320, 5511, 6461, 6762, 6830, 8220, 9002, 12956
Index(es):
- Date
- Thread