[nsp-sec] hijacked netspace
Dario Ciccarone (dciccaro)
dciccaro at cisco.com
Sun Feb 24 18:38:20 EST 2008
Yeah, saw it on slashdot ;)
The Q was if those folks are the only ISP in Pakistan - IE, Jason here
only saw it being advertised by 17557
________________________________
From: David Freedman [mailto:david.freedman at uk.clara.net]
Sent: Sunday, February 24, 2008 6:30 PM
To: Dario Ciccarone (dciccaro); Chris Morrow; Rob Thomas
Cc: Ross, Jason; NSP-SEC List
Subject: RE: [nsp-sec] hijacked netspace
http://news.bbc.co.uk/1/hi/technology/7262071.stm
------------------------------------------------
David Freedman
Group Network Engineering
Claranet Limited
http://www.clara.net
-----Original Message-----
From: nsp-security-bounces at puck.nether.net on behalf of Dario
Ciccarone (dciccaro)
Sent: Sun 2/24/2008 23:25
To: Chris Morrow; Rob Thomas
Cc: Ross, Jason; NSP-SEC List
Subject: Re: [nsp-sec] hijacked netspace
----------- nsp-security Confidential --------
Dumb Q: PKTELECOM-AS-AP the only ISP on Pakistan? I thought the
order
appliedo to all ISPs over there.
Dario
> -----Original Message-----
> From: nsp-security-bounces at puck.nether.net
> [mailto:nsp-security-bounces at puck.nether.net] On Behalf Of
> Chris Morrow
> Sent: Sunday, February 24, 2008 6:10 PM
> To: Rob Thomas
> Cc: Ross, Jason; NSP-SEC List
> Subject: Re: [nsp-sec] hijacked netspace
>
> ----------- nsp-security Confidential --------
>
>
>
> On Sun, 24 Feb 2008, Rob Thomas wrote:
>
> > ----------- nsp-security Confidential --------
> >
> > Hi, Jason.
> >
> >> If anyone is showing a route of 208.65.153.0/24 belonging
> to AS 17557,
> >> please ping me.
> >
> > We first saw it announced by origin AS17557 on 2008-02-24
18:47:52
> > UTC, and then saw it withdraw on 2008-02-24 20:07:43 UTC.
It showed
> > up with origin AS17557 on 2008-02-24 20:22:42 UTC and gone
again
> > 2008-02-24 20:33:53 UTC. We saw it last announced by
AS17557 on
> > 2008-02-24 21:01:22 UTC. We're presently only seeing it
> from YouTube
> > AS36561.
> >
> > We've not seen 208.65.153.0/24 prior to 2008-02-24 18:47:52
UTC.
>
> anyone know if this is a standard tactic used by 17557 for
censorship
> issues/actions?
>
>
> _______________________________________________
> nsp-security mailing list
> nsp-security at puck.nether.net
> https://puck.nether.net/mailman/listinfo/nsp-security
>
> Please do not Forward, CC, or BCC this E-mail outside of the
> nsp-security
> community. Confidentiality is essential for effective
> Internet security counter-measures.
> _______________________________________________
>
_______________________________________________
nsp-security mailing list
nsp-security at puck.nether.net
https://puck.nether.net/mailman/listinfo/nsp-security
Please do not Forward, CC, or BCC this E-mail outside of the
nsp-security
community. Confidentiality is essential for effective Internet
security counter-measures.
_______________________________________________
More information about the nsp-security
mailing list