Home page logo
/

nanog logo nanog mailing list archives

Re: oof. panix sidelined by incompetence... again.
From: Todd Underwood <todd-nanog () renesys com>
Date: Sun, 22 Jan 2006 23:39:53 -0500


Folx,

On Sun, Jan 22, 2006 at 06:09:08PM +0000, Thor Lancelot Simon wrote:

This is hardly as serious as the last incident -- but, well, some people
do seem to have all the luck, eh?

From where I'm standing this situation looks much more serious than
the last one.  It looks like Con Edison (AS27506) hijacked several
prefixes other than just Panix's, and I'm not sure that they're done
announcing them yet.  I see ~70 new prefixes, many of whom are
customers of Con Edison, but about 25 of these appear to have no
previous relationship to 27506).

I won't bore people with to many details here (unless there is great
interest) but a quick, rough-n-ready analysis is up at

http://www.renesys.com/blog/2006/01/coned_steals_the_net.shtml

for those that are curious.  (For those that don't want to read it, I
think one main punchline is that Con Edison spewed a bunch of routes
they didn't own and UUNet and Verio believed them).  

Please let me know if you see errors in there.

t.

-- 
_____________________________________________________________________
todd underwood
chief of operations & security 
renesys - internet intelligence
todd () renesys com   www.renesys.com


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault