Home page logo

basics logo Security Basics mailing list archives

RE: IP announce DOS
From: "Burton Strauss" <BStrauss3 () comcast net>
Date: Thu, 9 Jun 2005 12:41:05 -0500

Contact the upstream provider of the original ISP.

They should care - since they're aggregating the routes and announcing them
to other tier 1 ISPs, the upstream provider is the one going to be tagged
with bogus routes or route flap in the statistics.


-----Original Message-----
From: Micheal Espinola Jr [mailto:michealespinola () gmail com] 
Sent: Thursday, June 09, 2005 10:41 AM
To: security-basics () securityfocus com
Subject: Re: IP announce DOS

I don't think there is anyone you can report them to that will take any
timely action against them.

How have you attempted to escalate the issue with the old ISP?

Have you contacted your new ISP to try to resolve the issue through them?

On 6/8/05, Alex Thurlow <buddychrist () gmail com> wrote:
I'm not positive this is the correct list to ask, but it is a security 
concern, so I thought I would.  The company I work for had T1 lines 
running to our office provided by a local provider.  We had our own C 
block of IPs being announced by them and routed to us over those T1s.
Our relationship with them went sour (for many reasons I won't get 
into here), and we had to move to a different provider.  We had the 
routing switched over to them.  Everything was fine.  Here it is a few 
weeks later, and suddenly our old provider starts announcing these IPs
The end result is a partial DOS attack (hence writing to this list) as 
some people can't reach us.  They won't stop the announcement.  I 
don't know all the details on what they've said there as it's now gone 
to executives and legal people dealing with them.  Is there anything 
we can do here from a network standpoint?  Someone we can report them 
to?  How do people protect themselves from just anyone announcing IPs 
that aren't theirs?

Thanks in advance,
Alex Thurlow


Email Marketing Solutions that Deliver Service You Can Trust

You are receiving this email message
from a representative of SKYLIST, Inc.
13171 Pond Springs Road, Austin, TX 78729 Toll Free: 877.250.2922

To cease all communication with SKYLIST, visit 
or send an email to unsubscribe () skylist com

ME2  <http://www.santeriasys.net/>

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]