[SANOG] Prefix hijacking, how to prevent and fix currently
lists at tarundua.net
Thu Aug 28 17:21:31 UTC 2014
We got alerted to this by spamcop as we got a large number of abuse
complaints for a lot of non-existent hosts.
In touch with our upstream providers for this as well.
On Thu, Aug 28, 2014 at 10:36 PM, Anurag Bhatia <me at anuragbhatia.com> wrote:
> Hi Tarun
> Yeap, it seems true. The best way to get this fixed would be via AS43239
> itself and if they don't help (or if they intentionally doing it) then via
> their further upstreams.
> AS43239 contact details are here while their upstreams are here. You can
> find their list of upstreams here.
> You can always contact large upstream in the chain who is transiting the
> prefixes. If they stop, the impact will get pretty much local.
> Also, FYI I don't see that prefix visible in India from that AS43239 pretty
> much because most of networks are anyways filtering it. There's only one
> (and valid) route object for the prefix:
> Anurags-MacBook-Pro:~ anurag$ whois -h whois.radb.net 188.8.131.52
> route: 184.108.40.206/24
> descr: E2E Networks Cloud Routes
> origin: AS132420
> country: IN
> notify: provisioning at e2enetworks.com
> mnt-lower: MAINT-E2E-NETWORKS-IN
> mnt-routes: MAINT-E2E-NETWORKS-IN
> mnt-by: MAINT-E2E-NETWORKS-IN
> changed: provisioning at e2enetworks.com 20130603
> source: APNIC
> Anurags-MacBook-Pro:~ anurag$
> Good luck in getting it fixed!
> On Thu, Aug 28, 2014 at 10:24 PM, Tarun Dua <lists at tarundua.net> wrote:
>> AS Number 43239
>> AS Name SPETSENERGO-AS SpetsEnergo Ltd.
>> Has started hijacking our IPv4 prefix, while this prefix was NOT in
>> production, it worries us that it was this easy for someone to hijack
>> 220.127.116.11/22 <- This belongs to us.
>> 18.104.22.168/22 KNS Techno Integrators Pvt. Ltd.
>> 22.214.171.124/24 hydrocontrol S.C.R.L.
>> 126.96.36.199/24 TRAPIL - Societe des Transports Petroliers par Pipeline
>> Where do we complain to get this fixed.
>> sanog mailing list
>> sanog at sanog.org
> Anurag Bhatia
> Linkedin | Twitter
> Skype: anuragbhatia.com
> PGP Key Fingerprint: 3115 677D 2E94 B696 651B 870C C06D D524 245E 58E2
More information about the sanog