[nsp-sec] Prefix hijack from AS4761

[Barry Greene]

BTW - my contacts here in Indonesia are:

+62 888 185 1962 (I'm on Whatsap with this number)
My Skype is barrygreene (always on my phone). 



On Apr 3, 2014, at 6:27 AM, Barry Greene <bgreene at senki.org> wrote:

> Hi Team,
> 
> I'm in country (Indonesia) - just go woken up to work on this issue. Indosat's mobile services are down, so it is hard to call people there. :-(
> 
> I've got my team using all their contacts to reach out.
> 
> I think their advertisement is pulling down too much bandwidth, so upstreams to Indosat might consider strict filtering them.
> 
> Barry
> 
> 
> 
> On Apr 3, 2014, at 3:37 AM, Nick Hilliard <nick at inex.ie> wrote:
> 
>> ----------- nsp-security Confidential --------
>> 
>> On 02/04/2014 20:25, Alfredo Sola wrote:
>>> We have received alerts from BGPMon that AS4761 (INDOSAT) is hijacking
>>> some of our prefixes. It looks a bit like a misconfiguration because
>>> they are announcing short prefixes (31.24.120.0/21) rather than
>>> deaggregate that into /24s.
>>> 
>>> Have anybody else seen it? Does anybody have a contact (trusted or
>>> otherwise) around there?
>> 
>> https://twitter.com/bgpmon/status/451453051409154048
>> 
>> i.e. most of the internet is affected.
>> 
>> Nick
>> 
>> 
>> 
>> _______________________________________________
>> nsp-security mailing list
>> nsp-security at puck.nether.net
>> https://puck.nether.net/mailman/listinfo/nsp-security
>> 
>> Please do not Forward, CC, or BCC this E-mail outside of the nsp-security
>> community. Confidentiality is essential for effective Internet security counter-measures.
>> _______________________________________________
> 

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 496 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <https://puck.nether.net/mailman/private/nsp-security/attachments/20140403/4ee1a410/attachment-0001.sig>