[nsp-sec] contact needed at AS1680 (netvision.net.il)

[Hank Nussbacher]

The abuse manager who does English emails very well is:
Eran Agmon <eagmon at 013netvision.co.il>
not sure his BGP knowledge but he does understand about hijacked netblocks.

-Hank

>Hi,
>
>I need a contact at AS1680, netvision.net.il - someone who understands
>english and understands BGP.
>
>One of their customers is hijacking one of our netblocks (whether by
>accident or malice, I can't say):
>
>route-views.oregon-ix.net>sh ip b 195.30.85.0/24=20
>BGP routing table entry for 195.30.85.0/24, version 6397685
>Paths: (33 available, best #33, table Default-IP-Routing-Table)
>   Not advertised to any peer
>   6939 1680 49954
>     216.218.252.164 from 216.218.252.164 (216.218.252.164)
>       Origin IGP, localpref 100, valid, external
>   3333 3257 1680 49954
>     193.0.0.56 from 193.0.0.56 (193.0.0.56)
>       Origin IGP, localpref 100, valid, external
>       Community: 3257:4000 3257:5044
>   6079 3257 1680 49954
>     207.172.6.20 from 207.172.6.20 (207.172.6.20)
>       Origin IGP, metric 0, localpref 100, valid, external
>(...)
>
>
>while all of 195.30.0.0/16 is SpaceNET, AS 5539, and is clearly documented
>as such in the RIPE DB.
>
>
>I have tried sending e-mail to their listed contacts (half of it bounces,
>other half has elided no response yet) and calling them (spent 15 minutes
>on an international phone call, trying to explain to first-level ops that
>"no, I'm not one of your customers, can I please speak to someone who
>understands BGP routing").
>
>So.  Big Stick Time.  Thanks :-)
>
>(A working contact at AS49954 would be welcome, but given that they seem
>to be a very new player in the field, AS1680 sounds more useful.  Especially
>since it's their job anyway to sanitize inbound BGP announcements from their
>customers)
>
>gert
>--=20
>Gert Doering
>SpaceNet AG, AS 5539, gert at space.net.  PGP-KeyID: 0x65514975
>Also reachable via gert at greenie.muc.de and gert at net.informatik.tu-muenchen.=
>de