[lacnog] secuestro de ruta

Mie Oct 2 13:21:19 BRT 2013

Hola Fabian,

Excelente.
Vamos hacer lo mismo acá em Brasil pues además de ese bloque que
mencioné, hay un par de otros que están sin uso y seguramente sus rutas
no deberian ter origen en ese ASN.

Capaz que LACNIC pueda hacer algo parecido con los otros bloques de
distintos países de la región:

https://stat.ripe.net/widget/announced-prefixes#w.resource=28071

200.9.246.0/24	2013-10-01 00:00:00 UTC	2013-10-01 00:00:00 UTC
200.9.236.0/24	2013-10-01 00:00:00 UTC	2013-10-01 00:00:00 UTC
200.9.225.0/24	2013-10-01 00:00:00 UTC	2013-10-01 00:00:00 UTC
200.9.218.0/24	2013-09-30 16:00:00 UTC	2013-09-30 16:00:00 UTC
200.9.208.0/24	2013-09-30 16:00:00 UTC	2013-09-30 16:00:00 UTC
200.9.205.0/24	2013-09-30 16:00:00 UTC	2013-09-30 16:00:00 UTC
200.9.204.0/24	2013-09-28 16:00:00 UTC	2013-09-29 08:00:00 UTC
200.9.198.0/24	2013-09-28 16:00:00 UTC	2013-09-29 08:00:00 UTC
200.9.195.0/24	2013-09-28 16:00:00 UTC	2013-09-29 08:00:00 UTC
200.9.194.0/24	2013-09-28 16:00:00 UTC	2013-09-29 08:00:00 UTC
200.9.193.0/24	2013-09-28 00:00:00 UTC	2013-09-28 08:00:00 UTC
200.9.180.0/24	2013-09-28 00:00:00 UTC	2013-09-28 08:00:00 UTC
200.9.177.0/24	2013-09-28 00:00:00 UTC	2013-09-28 08:00:00 UTC
200.9.153.0/24	2013-09-28 00:00:00 UTC	2013-09-28 08:00:00 UTC
200.9.152.0/24	2013-09-27 16:00:00 UTC	2013-09-27 16:00:00 UTC
200.9.150.0/24	2013-09-27 16:00:00 UTC	2013-09-27 16:00:00 UTC
200.9.146.0/24	2013-09-27 16:00:00 UTC	2013-09-27 16:00:00 UTC
200.9.145.0/24	2013-09-27 16:00:00 UTC	2013-09-27 16:00:00 UTC
200.9.142.0/24	2013-09-27 00:00:00 UTC	2013-09-27 08:00:00 UTC
200.9.141.0/24	2013-09-27 00:00:00 UTC	2013-09-27 08:00:00 UTC
200.9.101.0/24	2013-09-27 00:00:00 UTC	2013-09-27 08:00:00 UTC
200.7.83.0/24	2013-09-26 16:00:00 UTC	2013-09-26 16:00:00 UTC
200.7.82.0/24	2013-09-26 16:00:00 UTC	2013-09-26 16:00:00 UTC
200.7.81.0/24	2013-09-26 16:00:00 UTC	2013-09-26 16:00:00 UTC
200.7.80.0/24	2013-09-26 16:00:00 UTC	2013-09-26 16:00:00 UTC
200.7.77.0/24	2013-09-26 00:00:00 UTC	2013-09-26 08:00:00 UTC
200.7.76.0/24	2013-09-26 00:00:00 UTC	2013-09-26 08:00:00 UTC
200.7.75.0/24	2013-09-26 00:00:00 UTC	2013-09-26 08:00:00 UTC
200.7.74.0/24	2013-09-25 08:00:00 UTC	2013-09-25 16:00:00 UTC
200.7.72.0/24	2013-09-25 08:00:00 UTC	2013-09-25 16:00:00 UTC
200.7.71.0/24	2013-09-25 08:00:00 UTC	2013-09-25 16:00:00 UTC
200.7.70.0/24	2013-09-24 16:00:00 UTC	2013-09-25 00:00:00 UTC
200.7.68.0/24	2013-09-24 16:00:00 UTC	2013-09-25 00:00:00 UTC
200.7.67.0/24	2013-09-24 16:00:00 UTC	2013-09-25 00:00:00 UTC
200.7.66.0/24	2013-09-22 16:00:00 UTC	2013-09-23 08:00:00 UTC
200.7.65.0/24	2013-09-22 16:00:00 UTC	2013-09-23 08:00:00 UTC
200.7.64.0/24	2013-09-22 16:00:00 UTC	2013-09-23 08:00:00 UTC
200.6.5.0/24	2013-09-24 00:00:00 UTC	2013-09-24 08:00:00 UTC
200.6.4.0/24	2013-09-24 00:00:00 UTC	2013-09-24 08:00:00 UTC
200.6.34.0/24	2013-09-24 00:00:00 UTC	2013-09-24 08:00:00 UTC
200.6.32.0/24	2013-09-23 16:00:00 UTC	2013-09-23 16:00:00 UTC
200.6.31.0/24	2013-09-23 16:00:00 UTC	2013-09-23 16:00:00 UTC
200.6.30.0/24	2013-09-22 16:00:00 UTC	2013-09-23 08:00:00 UTC
200.6.3.0/24	2013-09-23 16:00:00 UTC	2013-09-23 16:00:00 UTC
200.6.29.0/24	2013-09-22 16:00:00 UTC	2013-09-23 08:00:00 UTC
200.6.28.0/24	2013-09-22 16:00:00 UTC	2013-09-23 08:00:00 UTC
200.6.26.0/24	2013-09-21 16:00:00 UTC	2013-09-22 08:00:00 UTC
200.6.23.0/24	2013-09-21 00:00:00 UTC	2013-09-21 08:00:00 UTC
200.6.2.0/24	2013-09-20 16:00:00 UTC	2013-09-20 16:00:00 UTC
200.6.19.0/24	2013-09-21 16:00:00 UTC	2013-09-22 08:00:00 UTC
200.6.17.0/24	2013-09-21 00:00:00 UTC	2013-09-21 08:00:00 UTC
200.6.16.0/24	2013-09-20 16:00:00 UTC	2013-09-20 16:00:00 UTC
200.6.14.0/24	2013-09-21 16:00:00 UTC	2013-09-22 08:00:00 UTC
200.6.12.0/24	2013-09-21 00:00:00 UTC	2013-09-21 08:00:00 UTC
200.6.11.0/24	2013-09-20 16:00:00 UTC	2013-09-20 16:00:00 UTC
200.6.10.0/24	2013-09-20 00:00:00 UTC	2013-09-20 08:00:00 UTC
200.6.1.0/24	2013-09-20 00:00:00 UTC	2013-09-20 08:00:00 UTC
200.6.0.0/24	2013-09-19 16:00:00 UTC	2013-09-19 16:00:00 UTC
200.3.240.0/24	2013-09-19 16:00:00 UTC	2013-09-19 16:00:00 UTC
200.3.115.0/24	2013-09-19 00:00:00 UTC	2013-09-19 08:00:00 UTC
200.3.112.0/24	2013-09-18 16:00:00 UTC	2013-09-18 16:00:00 UTC
200.24.9.0/24	2013-09-18 16:00:00 UTC	2013-09-18 16:00:00 UTC
200.2.98.0/24	2013-09-18 00:00:00 UTC	2013-09-18 08:00:00 UTC
200.2.90.0/24	2013-09-19 00:00:00 UTC	2013-09-19 08:00:00 UTC
200.16.64.0/24	2013-09-18 00:00:00 UTC	2013-09-18 08:00:00 UTC
200.14.99.0/24	2013-09-20 00:00:00 UTC	2013-09-20 08:00:00 UTC
200.14.98.0/24	2013-09-19 16:00:00 UTC	2013-09-19 16:00:00 UTC
200.14.95.0/24	2013-09-19 00:00:00 UTC	2013-09-19 08:00:00 UTC
200.14.94.0/24	2013-09-18 16:00:00 UTC	2013-09-18 16:00:00 UTC
200.14.93.0/24	2013-09-18 00:00:00 UTC	2013-09-18 08:00:00 UTC
200.14.92.0/24	2013-09-17 16:00:00 UTC	2013-09-17 16:00:00 UTC
200.14.78.0/24	2013-09-17 16:00:00 UTC	2013-09-17 16:00:00 UTC
200.14.73.0/24	2013-09-17 16:00:00 UTC	2013-09-17 16:00:00 UTC
200.14.72.0/24	2013-09-17 00:00:00 UTC	2013-09-17 08:00:00 UTC
200.14.65.0/24	2013-09-17 00:00:00 UTC	2013-09-17 08:00:00 UTC
200.14.117.0/24	2013-09-17 00:00:00 UTC	2013-09-17 08:00:00 UTC
177.129.110.0/24	2013-09-29 16:00:00 UTC	2013-09-30 08:00:00 UTC
177.125.182.0/24	2013-09-29 16:00:00 UTC	2013-09-30 08:00:00 UTC
177.125.180.0/24	2013-09-29 16:00:00 UTC	2013-09-30 08:00:00 UTC

Saludos

On 10/02/2013 12:59 PM, Fabián Mejía wrote:
> Un dato:
> ninguna de las redes de Ecuador supuestamente secuestradas está siendo
> anunciada en los puntos de intercambio de tráfico de Ecuador.  Parece
> que en realidad esas redes no están siendo usadas en Ecuador, estoy
> haciendo los contactos respectivos.
> 
> Saludos,
> 
> Fabián Mejía
> 
> El 2013-10-02 10:55, Carlos A. Afonso escribió:
>> "Awk" debe derivarse de "awkward"... :)
>>
>> --c.a.
>>
>> On 10/02/2013 12:01 PM, Ricardo Patara wrote:
>>> Aparentemente se verificó hace algunas horas un secuestro de ruta de un
>>> bloque asignado una organización de Brasil.
>>>
>>> En el BGP Play es posible ver que el bloque 177.85.238/24 fue anunciado
>>> con origen en el ASN 28071 que está registrado a una organización del
>>> Panama.
>>>
>>> El anuncio correcto es con origen en el ASN 52791
>>>
>>> Un punto a observar es que ese ASN 28071 anuncia una serie de otras
>>> rutas a bloques de CL, BR, EC, etc. Que seguramente no están asignados a
>>> ellos y tampoco lo tienen como UPSTREAM.
>>>
>>> Alguien tiene contacto con ellos o sus upstreams:
>>>
>>> AS52302    Awknet International, S.A. (Panama)
>>>
>>> Saludos
>>> _______________________________________________
>>> LACNOG mailing list
>>> LACNOG en lacnic.net
>>> https://mail.lacnic.net/mailman/listinfo/lacnog
>>> Cancelar suscripcion: lacnog-unsubscribe en lacnic.net
>>>
>> _______________________________________________
>> LACNOG mailing list
>> LACNOG en lacnic.net
>> https://mail.lacnic.net/mailman/listinfo/lacnog
>> Cancelar suscripcion: lacnog-unsubscribe en lacnic.net
> 
> _______________________________________________
> LACNOG mailing list
> LACNOG en lacnic.net
> https://mail.lacnic.net/mailman/listinfo/lacnog
> Cancelar suscripcion: lacnog-unsubscribe en lacnic.net