Nerd blog.

29 Mar 2016

IXP Peering Lan Hijacks

Earlier this month the local Internet Exchange I’m involved with received some reports of spam coming from the MBIX Peering LAN IP space.

Normally an Internet Exchange’s Peering LAN IP space is not announced to the world via BGP. Only participants who have a next-hop in that particular network need to know about its existence.

Upon investigation it turns out that someone spun up this IP space via BGP somewhere and blasted out a bunch of spam from an IP that had “unassigned” reverse DNS.

AS-Paths Observed:

  • 9002 44050 131788
  • 1299 44050 131788

Theodore Baschak - Theo is a network engineer with experience operating core internet technologies like HTTP, HTTPS and DNS. He has extensive experience running service provider networks with OSPF, MPLS, and BGP.