[nsp-sec] 3277 3216 routes...
Schiller, Heather A (HeatherSkanks)
heather.schiller at verizonbusiness.com
Tue Oct 6 15:32:29 EDT 2009
Any idea what these (3277 3216) guys are doing? It looks like they are
re-originating parts of the internet..? We mistakenly started
announcing 74.120.16* blocks, but pulled them last Friday night.. they
don't show up in 701/19262 anymore or 3549. But when I look in rviews,
these blocks show up behind 3277, 3216, 3549 ..so these guys have to be
forging the aspath intentionally? I thought maybe they had
misconfigured their connection to routeviews, but that doesn't explain
how or why they are announcing routes that no longer exist. Kapela
MITM? Spam? Mistake? Just stale for the last 4 days?
route-views.oregon-ix.net>sh ip bgp 74.120.160.0/24 BGP routing table
entry for 74.120.160.0/24, version 23435309
Paths: (1 available, best #1, table Default-IP-Routing-Table)
Not advertised to any peer
3277 3216 3549 701 19262
194.85.4.55 from 194.85.4.55 (194.85.4.16)
Origin incomplete, localpref 100, valid, external, best
Community: 3216:3000 3216:3004 3277:3216 3549:2356 3549:30840
route-views.oregon-ix.net>sh ip bgp 74.120.161.0/24 BGP routing table
entry for 74.120.161.0/24, version 23435310
Paths: (1 available, best #1, table Default-IP-Routing-Table)
Not advertised to any peer
3277 3216 3549 701 19262
194.85.4.55 from 194.85.4.55 (194.85.4.16)
Origin incomplete, localpref 100, valid, external, best
Community: 3216:3000 3216:3004 3277:3216 3549:2356 3549:30840
--Heather
====================================================
Heather Schiller Verizon Business
Customer Security 1.800.900.0241
IP Address Management help4u at verizonbusiness.com
=====================================================
More information about the nsp-security
mailing list