<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<p>Hola Sergio,</p>
<p> Muchas gracias por tu pronta y excelente respuesta.</p>
<p><br>
</p>
<p>Saludos,</p>
<p><br>
</p>
<p>Alejandro,</p>
<p><br>
</p>
<br>
<div class="moz-cite-prefix">El 20/3/18 a las 4:38 p. m., Sergio
Rojas. . . escribió:<br>
</div>
<blockquote type="cite"
cite="mid:CABkQ3AnDmmTJ+F_+FARxLweafkkqrLU-kxKTw5ibzCV8dD5TrA@mail.gmail.com">
<div dir="ltr">Hola Alejandro,
<div><br>
</div>
<div>Es un típico error de big finger, o secuestro accidental.
Según el whois de LACNIC:</div>
<div><br>
</div>
<div><a
href="http://lacnic.net/cgi-bin/lacnic/whois?lg=EN&stkey=22200603-2285528621"
moz-do-not-send="true">http://lacnic.net/cgi-bin/lacnic/whois?lg=EN&stkey=22200603-2285528621</a></div>
<div><br>
</div>
<div>El bloque IPv4 asignado a esta organización es el <a
href="http://138.255.192.0/22" moz-do-not-send="true">138.255.192.0/22</a>
y no el <a href="http://128.255.192.0/22"
moz-do-not-send="true">128.255.192.0/22</a>.</div>
<div><br>
</div>
<div>No estoy suscripto a la lista de NANOG pero si
puedes/quieres responderle que en el whois mostrato arriba
encontrará información de contacto. O en todo caso esta es la
web de la organización que recibió el ASN <a
href="http://www.falemais.net.br/contato/"
moz-do-not-send="true">http://www.falemais.net.br/contato/</a></div>
<div><br>
</div>
<div>Otra alternativa es que contacte con el CERT de Brasil y
enseguida canalizarán el asunto: <a
href="https://www.cert.br/about/" moz-do-not-send="true">https://www.cert.br/about/</a></div>
<div><br>
</div>
<div>Saludos!</div>
<div><br>
</div>
<div>Sergio. . .</div>
</div>
<div class="gmail_extra"><br>
<div class="gmail_quote">2018-03-20 16:21 GMT-03:00 Alejandro
Acosta <span dir="ltr"><<a
href="mailto:alejandroacostaalamo@gmail.com"
target="_blank" moz-do-not-send="true">alejandroacostaalamo@gmail.com</a>></span>:<br>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">
<div text="#000000" bgcolor="#FFFFFF">
<p>FYI<br>
</p>
<div class="m_-7837173889143859627moz-forward-container"><br>
<br>
-------- Mensaje reenviado --------
<table
class="m_-7837173889143859627moz-email-headers-table"
cellspacing="0" cellpadding="0" border="0">
<tbody>
<tr>
<th nowrap="nowrap" valign="BASELINE"
align="RIGHT">Asunto: </th>
<td>hijacking of <a
href="http://128.255.192.0/22" target="_blank"
moz-do-not-send="true">128.255.192.0/22</a></td>
</tr>
<tr>
<th nowrap="nowrap" valign="BASELINE"
align="RIGHT">Fecha: </th>
<td>Tue, 20 Mar 2018 12:35:53 -0500 (CDT)</td>
</tr>
<tr>
<th nowrap="nowrap" valign="BASELINE"
align="RIGHT">De: </th>
<td>Jay Ford <a
class="m_-7837173889143859627moz-txt-link-rfc2396E"
href="mailto:jnford@uiowa.net" target="_blank"
moz-do-not-send="true"><jnford@uiowa.net></a></td>
</tr>
<tr>
<th nowrap="nowrap" valign="BASELINE"
align="RIGHT">Responder a: </th>
<td>Jay Ford <a
class="m_-7837173889143859627moz-txt-link-rfc2396E"
href="mailto:jnford@headset.its.uiowa.edu"
target="_blank" moz-do-not-send="true"><jnford@headset.its.uiowa.edu></a></td>
</tr>
<tr>
<th nowrap="nowrap" valign="BASELINE"
align="RIGHT">Para: </th>
<td><a
class="m_-7837173889143859627moz-txt-link-abbreviated"
href="mailto:nanog@nanog.org" target="_blank"
moz-do-not-send="true">nanog@nanog.org</a></td>
</tr>
</tbody>
</table>
<br>
<br>
<pre>Something apparently in Brazil is hijacking <a href="http://128.255.192.0/22" target="_blank" moz-do-not-send="true">128.255.192.0/22</a>, part of
<a href="http://128.255.0.0/16" target="_blank" moz-do-not-send="true">128.255.0.0/16</a> which is held by the University of Iowa. AS 263971 is
announcing <a href="http://128.255.192.0/22" target="_blank" moz-do-not-send="true">128.255.192.0/22</a> which Hurricane Electric is accepting &
propagating. None of that has any authorization.
I can't find any decent contact information for the originating entity, so I
have reported it to <a class="m_-7837173889143859627moz-txt-link-abbreviated" href="mailto:abuse@he.net" target="_blank" moz-do-not-send="true">abuse@he.net</a>, but it'd be fabulous if some HE folks
listening here could whack the hijacking faster than the abuse channels will
get to it. Also useful would be some functional contact for AS263971.
Any help will be appreciated.
______________________________<wbr>______________________________<wbr>____________
Jay Ford, Network Engineering Group, Information Technology Services
University of Iowa, Iowa City, IA 52242
email: <a class="m_-7837173889143859627moz-txt-link-abbreviated" href="mailto:jay-ford@uiowa.edu" target="_blank" moz-do-not-send="true">jay-ford@uiowa.edu</a>, phone: 319-335-5555
</pre>
</div>
</div>
<br>
______________________________<wbr>_________________<br>
LACNOG mailing list<br>
<a href="mailto:LACNOG@lacnic.net" moz-do-not-send="true">LACNOG@lacnic.net</a><br>
<a href="https://mail.lacnic.net/mailman/listinfo/lacnog"
rel="noreferrer" target="_blank" moz-do-not-send="true">https://mail.lacnic.net/<wbr>mailman/listinfo/lacnog</a><br>
Cancelar suscripcion: <a
href="https://mail.lacnic.net/mailman/options/lacnog"
rel="noreferrer" target="_blank" moz-do-not-send="true">https://mail.lacnic.net/<wbr>mailman/options/lacnog</a><br>
<br>
</blockquote>
</div>
<br>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
LACNOG mailing list
<a class="moz-txt-link-abbreviated" href="mailto:LACNOG@lacnic.net">LACNOG@lacnic.net</a>
<a class="moz-txt-link-freetext" href="https://mail.lacnic.net/mailman/listinfo/lacnog">https://mail.lacnic.net/mailman/listinfo/lacnog</a>
Cancelar suscripcion: <a class="moz-txt-link-freetext" href="https://mail.lacnic.net/mailman/options/lacnog">https://mail.lacnic.net/mailman/options/lacnog</a>
</pre>
</blockquote>
<br>
</body>
</html>