Home page logo
/

nanog logo nanog mailing list archives

RE: Anyone notice strange announcements for 174.128.31.0/24
From: "Paul Stewart" <pstewart () nexicomgroup net>
Date: Mon, 12 Jan 2009 18:13:53 -0500

The alerts we got were because our AS number was showing up somewhere
else in the world.  Whether it's "legit" IP space or not - it still
warrants investigation on a high priority from my perspective.

I have nothing against Randy or anyone else involved with this project
.. to be quite honest I'd be interesting in seeing/hearing the results
... but I believe a more careful approach is in order with consideration
for the folks effected.

Paul


-----Original Message-----
From: deleskie () gmail com [mailto:deleskie () gmail com]
Sent: January 12, 2009 6:00 PM
To: Michienne Dixon; NANOG list
Subject: Re: Anyone notice strange announcements for 174.128.31.0/24

This was a test using unassigned IP block, unless I'm reading it wrong.
If a noc alerted on this it should have still be a low priority issue.
I don't see any issues with the way this was carried out at all.

-jim
------Original Message------
From: Michienne Dixon
To: NANOG list
Subject: RE: Anyone notice strange announcements for 174.128.31.0/24
Sent: Jan 12, 2009 6:55 PM


But isn't this method kind of related to how an network from the
Mediterranean/Mid-east went about blocking what they felt was
undesirable/offensive content from entering their network?

-
Michienne Dixon
Network Administrator
liNKCity
312 Armour Rd.
North Kansas City, MO  64116
www.linkcity.org
(816) 412-7990

-----Original Message-----
From: Randy Bush [mailto:randy () psg com]
Sent: Monday, January 12, 2009 4:47 PM
To: Paul Stewart
Cc: NANOG list
Subject: Re: Anyone notice strange announcements for 174.128.31.0/24

On 09.01.13 07:42, Paul Stewart wrote:
For us, it was annoying - we look for prefix hijackings or what appear

to be.

i think herein lies the rub.  it is not prefix hijacking and in no way
should it appear that way to you.  i suggest tuning your detectors.  i
am told that path poisoning is used (futilely, we hope to show) in day
to day ops by folk to try to avert dos attacks.

randy




Sent from my BlackBerry device on the Rogers Wireless Network




----------------------------------------------------------------------------

"The information transmitted is intended only for the person or entity to which it is addressed and contains 
confidential and/or privileged material. If you received this in error, please contact the sender immediately and then 
destroy this transmission, including all attachments, without copying, distributing or disclosing same. Thank you."


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault