[nsp-sec] AS8997

Ian Dickinson iand at as5413.net
Tue Sep 23 08:45:13 EDT 2008 

Indeed I did - though I didn't see anything from myasn/iar.
I haven't found anything of substance since last night though.

Ian

David Freedman wrote:
> ----------- nsp-security Confidential --------
> 
> I saw this live on route-views last night as did many others, 
> 
> Ian?
> 
> ------------------------------------------------
> David Freedman
> Group Network Engineering 
> Claranet Limited
> http://www.clara.net
> 
> 
> 
> -----Original Message-----
> From: Hank Nussbacher [mailto:hank at efes.iucc.ac.il]
> Sent: Tue 9/23/2008 05:38
> To: David Freedman
> Cc: nsp-security at puck.nether.net
> Subject: Re: [nsp-sec] AS8997
>  
> On Tue, 23 Sep 2008, David Freedman wrote:
> 
> I've been following this since last night when I saw a number of different 
> prefixes from a number of different origin ASNs in Israel get hit and 
> assumed it was a prefix hijacking test run since according to PHAS it was 
> short lived.
> 
> Now that others are seeing it, I guess it isn't only Israel being affected 
> :-)
> 
> -Hank
> 
> 
>>----------- nsp-security Confidential --------
>>
>>Mentioned on IRC earlier:
>>
>>[22:53] <vato-5413> anyone else noticed AS8997 up to no good?
>>[22:53] <vato-5413> various possible hijacks of our space this afternoon
>>[22:53] <vato-5413> others reporting same
>>[22:54] <vato-5413> interesting announcements visible on route-views
>>[22:54] <vato-5413> phas reported it - myasn/iar haven't as yet
>>[22:58] <vato-5413> 3277 3267 8997 seems to be the commonest suspicious path
>>
>>I've had numerous jacking alerts from PHAS about this.
>>
>>Anybody have any info on this?
>>
>>------------------------------------------------
>>David Freedman
>>Group Network Engineering
>>Claranet Limited
>>http://www.clara.net
>>
>>
>>
>>_______________________________________________
>>nsp-security mailing list
>>nsp-security at puck.nether.net
>>https://puck.nether.net/mailman/listinfo/nsp-security
>>
>>Please do not Forward, CC, or BCC this E-mail outside of the nsp-security
>>community. Confidentiality is essential for effective Internet security counter-measures.
>>_______________________________________________
>>
> 
> 
> 
> 
> _______________________________________________
> nsp-security mailing list
> nsp-security at puck.nether.net
> https://puck.nether.net/mailman/listinfo/nsp-security
> 
> Please do not Forward, CC, or BCC this E-mail outside of the nsp-security
> community. Confidentiality is essential for effective Internet security counter-measures.
> _______________________________________________


-- 
Ian Dickinson                           INOC-DBA: 5413*426
Senior Network Development Engineer       Mobile: +44 7967 463023
GX Networks                               Direct: +44 208 587 6113
iand at as5413.net
ian.dickinson at gxn.net                   http://bgp.gxn.net/peering
PGP Fingerprint: 1A5E 74B1 2BDD 214A 2131 69E9 C3B3 B72A DDF8 862A
This email is subject to http://www.vialtus.com/disclaimer.html

More information about the nsp-security mailing list