Theodore Baschak

BOFH. Open Source Guru. Founder/Operator of Hextet Systems, AS395089 and Network Architect for Daemon Defense Systems, AS55101.

IXP Peering Lan Hijacks

Tue, 29 Mar 2016 13:36:44 -0500 » Networking, ISP, BGP, Security, Troubleshooting, Network Operator Group, System Administration

Earlier this month the local Internet Exchange I’m involved with received some reports of spam coming from the MBIX Peering LAN IP space.

Normally an Internet Exchange’s Peering LAN IP space is not announced to the world via BGP. Only participants who have a next-hop in that particular network need to know about its existence.

Upon investigation it turns out that someone spun up this IP space via BGP somewhere and blasted out a bunch of spam from an IP that had “unassigned” reverse DNS.

AS-Paths Observed:

  • 9002 44050 131788
  • 1299 44050 131788
© Theodore Baschak - https://github.com/tbaschak - Powered by Jekyll.
Powered by Les.net.
CiscoDude.net is a personal website. Opinions expressed are not necessarily those of his employer.