December 2013 - Test - lists.nanog.org

ICANN related question...
by Eric Tykwinski 09 Dec '13

09 Dec '13

We have a customer that purchased a domain through a reseller of register.com. The Whois records only point to the actual company and the originating accredited registrar: register.com. Does anyone know of any hints to find out who the reseller is? Apparently Register.com can't supply us with that information. Just in case anyone is wondering: Domain ID:D96747839-LROR Domain Name:GIRLSINCDE.ORG Created On:21-Apr-2003 18:39:46 UTC Last Updated On:20-Nov-2013 22:11:57 UTC Expiration Date:21-Apr-2014 18:39:46 UTC Sponsoring Registrar:Register.com, Inc. (R71-LROR) Status:CLIENT TRANSFER PROHIBITED Registrant ID:F50A8CB8E137E659 Registrant Name:Lori Cooney Registrant Organization:Girls Incorporated of Delaware Sincerely, Eric Tykwinski TrueNet, Inc. P: 610-429-8300 F: 610-429-3222

5 4

Skype suspicious download activity ...
by Jorge Amodio 09 Dec '13

09 Dec '13

I just caught an alert on my desktop about high disk activity by Skype, looking at the details it shows a 472MB of disk write activity, no notification of upgrade or any other messages. Trying to see if I can find what was recently written. This the first time I see a report about such high disk activity related to Skype. Anybody seeing anything similar ? Thanks & Regards Jorge PS. Platform is Windoze Vista 64bits

2 1

Re: Caps (was Re: AT&T UVERSE Native IPv6, a HOWTO)
by Larry Sheldon 09 Dec '13

09 Dec '13

On 12/8/2013 11:48 PM, Jay Ashworth wrote: > ----- Original Message ----- >> From: "Dave Crocker" <dhc2(a)dcrocker.net> > >> I seem to recall an early bit of research on interactive computing >> (maybe by Sackman) that showed user preference for a /worse/ average >> response time that was more predictable (narrower range of variance) >> than a better average time that was more erratic. > > Very specifically: > > A 3270 that took 5 seconds of delay and then *snapped* the entire screen > up at once was perceived as "faster" than a 9600 tty that painted the same > entire screen in about a second and a half or so. Don't remember who it > was either, but likely Bell Labs. Back in the day we were building a system to run on UNIVAC equipment but some brainiac decided that because we were a Bell System company, we had to use DataSpeed 40's (which buffered the screen and snap it up when the last character is received) instead of the UTS terminals on which the system was developed (which painted each character as it came in. Users weeped and wailed to no effect that the change hurt them badly (which they could prove) because that while the two had the same time from first character to last, the operators could not start composing a reply when the first several lines had painted. -- Requiescas in pace o email Two identifying characteristics of System Administrators: Ex turpi causa non oritur actio Infallibility, and the ability to learn from their mistakes. (Adapted from Stephen Pinker)

1 0

Someone’s Been Siphoning Data Through a Huge Security Hole in the Internet
by Eugen Leitl 09 Dec '13

09 Dec '13

http://www.wired.com/threatlevel/2013/12/bgp-hijacking-belarus-iceland/ Someone’s Been Siphoning Data Through a Huge Security Hole in the Internet BY KIM ZETTER12.05.136:30 AM Hijacked traffic went all the way to Iceland, where it may have been copied before being released to its intended destination. The green arrows show the path the traffic should have traveled; the red arrows show the path it took. Map courtesy of Renesys In 2008, two security researchers at the DefCon hacker conference demonstrated a massive security vulnerability in the worldwide internet traffic-routing system — a vulnerability so severe that it could allow intelligence agencies, corporate spies or criminals to intercept massive amounts of data, or even tamper with it on the fly. The traffic hijack, they showed, could be done in such a way that no one would notice because the attackers could simply re-route the traffic to a router they controlled, then forward it to its intended destination once they were done with it, leaving no one the wiser about what had occurred. Now, five years later, this is exactly what has happened. Earlier this year, researchers say, someone mysteriously hijacked internet traffic headed to government agencies, corporate offices and other recipients in the U.S. and elsewhere and redirected it to Belarus and Iceland, before sending it on its way to its legitimate destinations. They did so repeatedly over several months. But luckily someone did notice. And this may not be the first time it has occurred — just the first time it got caught. Analysts at Renesys, a network monitoring firm, said that over several months earlier this year someone diverted the traffic using the same vulnerability in the so-called Border Gateway Protocol, or BGP, that the two security researchers demonstrated in 2008. The BGP attack, a version of the classic man-in-the-middle exploit, allows hijackers to fool other routers into re-directing data to a system they control. When they finally send it to its correct destination, neither the sender nor recipient is aware that their data has made an unscheduled stop. The stakes are potentially enormous, since once data is hijacked, the perpetrator can copy and then comb through any unencrypted data freely — reading email and spreadsheets, extracting credit card numbers, and capturing vast amounts of sensitive information. The attackers initiated the hijacks at least 38 times, grabbing traffic from about 1,500 individual IP blocks — sometimes for minutes, other times for days — and they did it in such a way that, researchers say, it couldn’t have been a mistake. Renesys Senior Analyst Doug Madory says initially he thought the motive was financial, since traffic destined for a large bank got sucked up in the diversion. But then the hijackers began diverting traffic intended for the foreign ministries of several countries he declined to name, as well as a large VoIP provider in the U.S., and ISPs that process the internet communications of thousands of customers. Although the intercepts originated from a number of different systems in Belarus and Iceland, Renesys believes the hijacks are all related, and that the hijackers may have altered the locations to obfuscate their activity. “What makes a man-in-the-middle routing attack different from a simple route hijack? Simply put, the traffic keeps flowing and everything looks fine to the recipient,…” Renesys wrote in a blog post about the hijacks. “It’s possible to drag specific internet traffic halfway around the world, inspect it, modify it if desired, and send it on its way. Who needs fiberoptic taps?” Earlier this year someone mysteriously hijacked internet traffic headed to government agencies, corporate offices and other recipients and redirected it to Belarus and Iceland (above). Photo: Image Source/Getty Renesys cautions that it doesn’t know who is behind the hijacks. Although systems in Belarus and Iceland initiated the hijacks, it’s possible that those systems were hijacked by a third party that simply used them as a proxy for the attacks. Either way, one thing is certain, Madory says: the characteristics of the hijacks indicate they were intentional. Some of the targets whose traffic was hijacked seemed hand-picked by the attackers, he says, especially the foreign ministry domains. “It’s a list [of targets] that you just wouldn’t come by mistake,” Madory told WIRED. The hijackers also appeared to tweak their attack over time to modify and refine it. “In the Belarus example, we saw an evolution of the technique of someone manipulating the attributes of the BGP messages to try to achieve this man-in-the-middle thing,” he said. “To us, that communicated some intention versus a mistake.” BGP eavesdropping has long been a known weakness, but no one is known to have intentionally exploited it like this until now. The technique doesn’t attack a bug or flaw in BGP, but simply takes advantage of the fact that BGP’s architecture is based on trust. To make it easy for e-mail traffic from an ISP in California to reach customers of an ISP in Spain, networks for these providers and others communicate through BGP routers. Each router distributes so-called announcements indicating which IP addresses they’re in the best position to deliver traffic to, for the quickest, most efficient route. But BGP routers assume that when another router says it’s the best path to a specific block of IP addresses, it’s telling the truth. That gullibility makes it easy for eavesdroppers to fool routers into sending them traffic they shouldn’t get. When a user types a website name into his browser or clicks “send” to launch an e-mail, a router belonging to the sender’s ISP consults a BGP table for the best route to the destination. That table is built from the announcements issued by ISPs and other networks declaring the range of IP addresses, or IP prefixes, to which they’ll deliver traffic. The routing table searches for the destination IP address among those prefixes, and if two systems deliver traffic for the address, the one with the narrower, more specific range of prefixes “wins” the traffic. For example, one ISP announces that it delivers to a group of 90,000 IP addresses, while another delivers to a subset of 24,000 of those addresses. If the destination IP address falls within both of these, the e-mail will get sent to the narrower, more specific one. To intercept data, anyone with a BGP router or control of a BGP router could send out an announcement for a range of IP addresses he wished to target that was narrower than the chunk advertised by other network routers. The announcement would take just minutes to propagate worldwide and, just like that, data that should have headed to those networks would begin arriving to the eavesdropper’s router instead. Ordinarily, when an attacker tried to then forward the stolen traffic to its rightful destination, it would boomerang back to him, since other routers would still believe that his was the best destination for the traffic. But the technique demonstrated at DefCon, and now spotted in the wild, allows an attacker to send his announcement in such a way that it is delivered only to select routers. So, once the traffic passes through his router, it gets directed to its rightful destination through routers that never got the bogus announcement. The attack intercepts only traffic headed to target addresses, not from them. BGP hijacking happens in some form or fashion every day, but it’s usually unintentional — the result of a typo in a routing announcement or some other mistake. And when it does occur, it generally results in an outage, as the traffic being routed never reaches its destination. This was the case in 2008 when Pakistan Telecom inadvertently hijacked all of the world’s YouTube traffic when it attempted to prevent just Pakistan citizens from reaching video content the government deemed objectionable. The telecom and its upstream provider mistakenly advertised to routers around the world that it was the best route through which to send all YouTube traffic, and for nearly two hours browsers attempting to reach YouTube fell into a black hole in Pakistan until the problem was corrected. In April 2010, another outage occurred when China Telecom distributed an erroneous announcement for more than 50,000 blocks of IP addresses, and within minutes some of the traffic destined for these domains got sucked into China Telecom’s network for 20 minutes. After analyzing the details, Renesys concluded that this incident, too, was likely a mistake. But the incidents this year have all the characteristics of an intentional intercept, Renesys says. There are legitimate reasons to send out bogus BGP announcements intentionally. Some security firms do this as part of a DDoS protection service. If a victim is being hit with a lot of trash traffic in an effort to knock its servers offline, the security firms will send out bogus announcements to divert traffic away from the client, filter out the trash, and forward the legitimate traffic to the client. But Renesys ruled this out as an explanation for the suspected hijacks after speaking with victims whose IP traffic was hijacked. The first hijacks occurred last February, when an internet service provider called GlobalOneBel based in the Belarusian capital, Minsk, sent out a bogus BGP announcement. The intercepts occurred 21 times throughout the month, with different IP addresses re-routed each day. Some of the intercepts lasted a few minutes, others continued for hours. Countries whose traffic was intercepted included the U.S., Germany, South Korea and Iran. GlobalOneBel’s traffic gets routed through the state-run Bel Telecom, which is where Renesys saw the hijacked traffic go. In one case, traffic headed from New York to Los Angeles took a detour to Moscow and Belarus before being sent back through New York to its destination on the West Coast. In another case, traffic headed from Chicago to Iran, which normally passed through Germany, took a roundabout journey through Canada, London, Amsterdam, Moscow and Belarus before being sent to Iran via Poland, Germany, the UK and New York. The intercepts suddenly halted in March, but then resumed on May 21. This time the hijack appeared to be initiated by a system belonging to Elsat, another ISP in Belarus, whose traffic also gets routed through Belarus’s state-run telecom. The intercepts didn’t last long, though, before the hijackers appeared to change their tactics. The diversion to Belarus stopped, and instead Renesys saw traffic being diverted to a different location, this time in Iceland. The hijack now appeared to be initiated by Nyherji hf, a small internet provider in that country. That intercept lasted just five minutes before the hijack went silent. Nothing occurred again until July 31 when the intercepts resumed with a vengeance, this time appearing to come from Opin Kerfi, another ISP in Iceland. The hijack intercepted 597 IP blocks belonging to a large company in the U.S. that provides VoIP and other services, as well as other IP blocks, most of them in the U.S. Renesys counted 17 intercepts between July 31 and August 19, with nine different ISPs or companies in Iceland initiating the intercepts — all of them downstream customers of Síminn, an internet backbone provider in Iceland. In one case, traffic headed from one location in Denver, Colorado, to another location in Denver flew off to Illinois, Virginia and New York before traveling overseas to London and Iceland. From there it was redirected back to Denver through Canada, Illinois, New York, Texas and Missouri before finally reaching its destination. The bogus BGP announcements that hijacked the traffic went to so-called peering partners of Síminn in London but not to its peering partners elsewhere. Peers are separate networks that have an established connection in order to easily pass traffic back and forth. Map showing the long and winding path taken by traffic headed from Chicago to Iran. The green route represents the normal route the traffic takes; the red route is the hijacked route it took through Belarus. Renesys contacted Síminn to inquire about the redirects and was told the cause was a bug that had since been patched. “A software malfunction in Síminn’s internet gateway in Montreal this summer resulted in the corruption of routing data,” a Síminn security manager wrote Renesys in an email. “The effect of the malfunction was that traffic which was not intended for Síminn or its customers passed through Síminn’s network en route to its intended destination. … The malfunction had the effect that the corrupt routing data appeared to originate from certain customers of Síminn, including Opin Kerfi and Nýherji.” The company said the malfunction was resolved with the assistance of the equipment vendor on August 22nd. Renesys, skeptical of the response, asked for details about the bug and the vendor so that others using the same system could fix it as well, but Síminn didn’t respond. The Síminn manager also did not respond to questions from WIRED. Madory says that if the hijacks to Iceland occurred in isolation, Siminn’s explanation might be plausible, though he still wouldn’t understand how a problem with a system in Montreal resulted in traffic being misrouted through London but then correctly routed through Montreal on its way back from Iceland. But the hijacks to Iceland weren’t isolated; they occurred around the same time as the Belarus attacks. He says he has no doubt that the Belarus hijacks were intentional, and the fact that the last Belarus hijack and the first hijack to Iceland occurred on the same day – May 21 – within minutes of one another appear to link them. “This is a one-in-a-million thing that this would just also happen [on the same day] with some similarities to it,” he says. Renesys discovered the hijacks because it uses an automated system to read global BGP tables daily and tag any that match suspicious parameters. But BGP tables don’t tell the whole story. So Renesys also sends about a quarter of a billion traceroutes a day around the world to measure the health of digital traffic – like a coronary angiography for the internet. This helps verify that the data in routing tables matches what is really happening to data in the stream, and helps them spot outages when undersea cables are cut or when countries like Iran or Syria block users from the internet. Judging by the BGP tables alone, the traffic that got hijacked to Belarus, for example, should have dead-ended there. But when Renesys sent traceroutes along the same path, it got sucked into the stream going to Belarus and then got spit out the other end to continue to its destination. “Which is alarming,” Madory says. BGP hijacking is an “exceedingly blunt instrument” to capture traffic, and is “about as subtle as a firecracker in a funeral home,” Renesys has noted in the past. In all the years Renesys has been monitoring internet traffic, analysts had never seen anything that looked intentional before. Generally, Madory says, mistakes look clumsy and show obvious signs of being mistakes. They also generally last minutes, not days as these did, and they also generally do not result in traffic being re-routed to its legitimate destination, as occurred in these cases. “To achieve this thing where you can get [hijacked] traffic back to its destination, . . . you have to craft your [BGP] messages in a way that you control how far it propagates or where it propagates,” he says. “And we can see these guys experiment over time, modifying different attributes to change the propagation until they’ve achieved the one that they want. We’ve never seen anything like that, that looks very deliberate where someone is tweaking the approach.” But Tony Kapela, VP of data center and network technology at 5Nines in Wisconsin and one of the researchers who exposed the BGP vulnerability in 2008, is shocked that no other signs of intentional hijacking have occurred since their talk five years ago and questions whether this is really the first case, or just the first one seen. Kapela says there are a number of ways that an attacker could hijack traffic so that even Renesys wouldn’t notice — specifically, if attackers wanted to grab a narrow slice of traffic going to a specific destination and did so in a way that prevented a bogus route announcement from being distributed to the entire internet. He gives the example of three networks that are traffic peers. One of the networks could siphon traffic passing between the other two by sending a route announcement that doesn’t get broadcast to the wider internet. The attacker would send an announcement to one of the others with a tag attached, indicating that the announcement should not be broadcast to any other systems. “If you have the ability to give a network route to another provider and say ‘don’t export this,’ and if that provider doesn’t give it to Renesys or the world, it will not be visible,” Kapela says. Renesys has monitoring systems set up throughout the internet in more than 400 networks, but doesn’t see all traffic movement. “Renesys sees whatever lands in the fly trap,” Kapela says. “But if you pick one that doesn’t give a route view to Renesys, you have a good chance of not having this get noticed.” Kapela notes that the first time he and his colleague demonstrated a BGP attack at a conference in Germany, the bogus announcements they sent out did not reach the internet at large, just the specific networks they wanted to affect. Kapela says the culprit doesn’t have to be one of the three entities in the attack scenario, but could actually be an outsider who simply seizes control of one of the systems and sends out the bogus announcement without the owner of the system knowing it. He imagines a scenario where an attacker gains physical access to a router belonging to one of the companies and installs a monitoring device to record data, then gains control of the router console to send out a bogus BGP announcement to redirect traffic through the router. If anyone discovers the redirect, the culprit would appear to be the company that owned the router. Kapela says this kind of attack could become a real risk as data centers and ISPs begin installing centralized router controls. Until now, many ISPs have used proprietary systems and decentralized models of control whereby routers were managed individually. But many are switching to new systems, where control for numerous routers is centralized. If someone can hijack the master control, he can distribute bogus announcements. There may also be ways to feed operators false data to blind them to this manipulation. Renesys and Kapela say that ISPs, credit-card processing companies, government agencies and others should all be monitoring the global routing of their advertised IP prefixes to make sure that someone isn’t hijacking their traffic or using their system to hijack someone else’s traffic. In other words, the future may hold more of these security breaches. As Renesys warned on its blog: “We believe that people are still attempting this because they believe (correctly, in most cases) that nobody is looking.” Kim Zetter is a senior reporter at Wired covering cybercrime, privacy, security and civil liberties. Read more by Kim Zetter Follow @KimZetter and @ThreatLevel on Twitter.

11 17

Empty messages (was Re: Any computer, anywhere?)
by Larry Sheldon 09 Dec '13

09 Dec '13

On 12/8/2013 8:13 AM, Michael Brown wrote: > I've been getting several of these (empty messages) from different people and on different subjects but always on the NANOG list. Secret messages? Or is NSA sucking too hard? -- Requiescas in pace o email Two identifying characteristics of System Administrators: Ex turpi causa non oritur actio Infallibility, and the ability to learn from their mistakes. (Adapted from Stephen Pinker)

5 5

Any computer, anywhere?
by Warren Bailey 09 Dec '13

09 Dec '13

http://m.washingtonpost.com/business/technology/2013/12/06/352ba174-5397-11… Noticed this tonight.. Not saying the WP is always on target, but what software could be installed via a browser on any computer to gather all of that data? And how would it be done without the OS speaking up about it? Far fetched.. Or do the Firefox / chrome guys have some 'splainin to do? Sent from my Mobile Device.

6 6

844 INWATS prefix activated
by Jay Ashworth 08 Dec '13

08 Dec '13

Note, if you're the PBX guy somewhere, too, that the +1 844 toll free prefix was activated at 1200EST today. Cheers, -- jra -- Make Election Day a federal holiday: http://wh.gov/lBm94 100k sigs by 12/14 Jay R. Ashworth Baylink jra(a)baylink.com Designer The Things I Think RFC 2100 Ashworth & Associates http://baylink.pitas.com 2000 Land Rover DII St Petersburg FL USA #natog +1 727 647 1274

2 1

RE: Any computer, anywhere?
by Phil Bedard 08 Dec '13

08 Dec '13

Have you ever heard of Java and Flash? There is a reason why browsers explicitly disable Java, heck OSX removed it from the OS completely. Flash will run sandboxed in newer browsers but Java afaik cannot. Almost all malware is delivered using them, one research company I read about has lists of non-public Java exploits they sell to governments... Phil From: Warren Bailey Sent: 12/8/2013 3:26 To: nanog(a)nanog.org Subject: Any computer, anywhere? http://m.washingtonpost.com/business/technology/2013/12/06/352ba174-5397-11… Noticed this tonight.. Not saying the WP is always on target, but what software could be installed via a browser on any computer to gather all of that data? And how would it be done without the OS speaking up about it? Far fetched.. Or do the Firefox / chrome guys have some 'splainin to do? Sent from my Mobile Device.

2 1

BGP Update Report
by cidr-report＠potaroo.net 06 Dec '13

06 Dec '13

BGP Update Report Interval: 28-Nov-13 -to- 05-Dec-13 (7 days) Observation Point: BGP Peering with AS131072 TOP 20 Unstable Origin AS Rank ASN Upds % Upds/Pfx AS-Name 1 - AS7545 61106 2.5% 112.1 -- TPG-INTERNET-AP TPG Telecom Limited 2 - AS8402 54975 2.3% 26.2 -- CORBINA-AS OJSC "Vimpelcom" 3 - AS9829 48061 2.0% 51.2 -- BSNL-NIB National Internet Backbone 4 - AS14287 31004 1.3% 5167.3 -- TRIAD-TELECOM - Triad Telecom, Inc. 5 - AS10620 23186 1.0% 11.9 -- Telmex Colombia S.A. 6 - AS13118 22847 0.9% 11423.5 -- ASN-YARTELECOM OJSC Rostelecom 7 - AS29990 22060 0.9% 22060.0 -- ASN-APPNEXUS - AppNexus, Inc 8 - AS36753 21592 0.9% 10796.0 -- SSF-AUTO-PARTS - SSF Imported Autoparts Inc. 9 - AS24964 20919 0.9% 445.1 -- EVO-LTD MOBILTEL EAD 10 - AS4766 20619 0.9% 7.3 -- KIXS-AS-KR Korea Telecom 11 - AS7029 19366 0.8% 9.3 -- WINDSTREAM - Windstream Communications Inc 12 - AS4775 18892 0.8% 2698.9 -- GLOBE-TELECOM-AS Globe Telecoms 13 - AS4538 18347 0.8% 32.8 -- ERX-CERNET-BKB China Education and Research Network Center 14 - AS24085 17912 0.7% 471.4 -- QTSC-AS-VN Quang Trung Software City Development Company 15 - AS28021 17501 0.7% 2187.6 -- ASEGLOB S.A. 16 - AS37004 16453 0.7% 658.1 -- SUBURBAN-AS 17 - AS17488 15662 0.7% 28.7 -- HATHWAY-NET-AP Hathway IP Over Cable Internet 18 - AS13999 15417 0.6% 98.2 -- Mega Cable, S.A. de C.V. 19 - AS45544 14250 0.6% 619.6 -- PAVIETNAM-AS-VN PAVIETNAM Co.,Ltd 20 - AS27738 14104 0.6% 24.5 -- Ecuadortelecom S.A. TOP 20 Unstable Origin AS (Updates per announced prefix) Rank ASN Upds % Upds/Pfx AS-Name 1 - AS29990 22060 0.9% 22060.0 -- ASN-APPNEXUS - AppNexus, Inc 2 - AS13118 22847 0.9% 11423.5 -- ASN-YARTELECOM OJSC Rostelecom 3 - AS36753 21592 0.9% 10796.0 -- SSF-AUTO-PARTS - SSF Imported Autoparts Inc. 4 - AS54465 7287 0.3% 7287.0 -- QPM-AS-1 - QuickPlay Media Inc. 5 - AS59217 6173 0.3% 6173.0 -- AZONNELIMITED-AS-AP Azonne Limited 6 - AS14287 31004 1.3% 5167.3 -- TRIAD-TELECOM - Triad Telecom, Inc. 7 - AS22592 4294 0.2% 4294.0 -- HBP - HBP, Inc. 8 - AS60345 8026 0.3% 4013.0 -- NBITI-AS Nahjol Balagheh International Research Institution 9 - AS52640 3053 0.1% 3053.0 -- ULTRANET SCM - COMUNICACAO MULTIMIDIA LTDA. 10 - AS4775 18892 0.8% 2698.9 -- GLOBE-TELECOM-AS Globe Telecoms 11 - AS32244 6719 0.3% 2239.7 -- LIQUID-WEB-INC - Liquid Web, Inc. 12 - AS37367 2208 0.1% 2208.0 -- CALLKEY 13 - AS28021 17501 0.7% 2187.6 -- ASEGLOB S.A. 14 - AS62431 1975 0.1% 1975.0 -- NCSC-IE-AS National Cyber Security Centre 15 - AS21271 5661 0.2% 1887.0 -- SOTELMABGP 16 - AS7202 8633 0.4% 1726.6 -- FAMU - Florida A & M University 17 - AS45556 1087 0.1% 1087.0 -- SCANCOM-AS-VN Scancom Vietnam Ltd 18 - AS31245 969 0.0% 969.0 -- ATI-ISP 19 - AS37453 9415 0.4% 941.5 -- VODACOM-CONGO 20 - AS37504 1802 0.1% 901.0 -- Meninx TOP 20 Unstable Prefixes Rank Prefix Upds % Origin AS -- AS Name 1 - 109.161.64.0/20 22846 0.9% AS13118 -- ASN-YARTELECOM OJSC Rostelecom 2 - 103.243.220.0/22 22060 0.9% AS29990 -- ASN-APPNEXUS - AppNexus, Inc 3 - 12.68.46.0/24 11241 0.4% AS36753 -- SSF-AUTO-PARTS - SSF Imported Autoparts Inc. 4 - 64.240.174.0/24 10351 0.4% AS36753 -- SSF-AUTO-PARTS - SSF Imported Autoparts Inc. 6 - 222.127.0.0/24 9371 0.4% AS4775 -- GLOBE-TELECOM-AS Globe Telecoms 7 - 38.87.227.0/24 9027 0.3% AS37453 -- VODACOM-CONGO 8 - 192.58.232.0/24 7807 0.3% AS6629 -- NOAA-AS - NOAA 9 - 206.152.15.0/24 7287 0.3% AS54465 -- QPM-AS-1 - QuickPlay Media Inc. 10 - 220.244.72.0/21 6770 0.3% AS7545 -- TPG-INTERNET-AP TPG Telecom Limited 11 - 67.210.190.0/23 6709 0.3% AS11976 -- FIDN - Fidelity Communication International Inc. 12 - 14.202.160.0/22 6545 0.3% AS7545 -- TPG-INTERNET-AP TPG Telecom Limited 13 - 216.162.0.0/20 6204 0.2% AS14287 -- TRIAD-TELECOM - Triad Telecom, Inc. 14 - 208.73.244.0/22 6202 0.2% AS14287 -- TRIAD-TELECOM - Triad Telecom, Inc. 15 - 208.78.116.0/22 6198 0.2% AS14287 -- TRIAD-TELECOM - Triad Telecom, Inc. 16 - 208.88.232.0/22 6196 0.2% AS14287 -- TRIAD-TELECOM - Triad Telecom, Inc. 17 - 208.70.20.0/22 6180 0.2% AS14287 -- TRIAD-TELECOM - Triad Telecom, Inc. 18 - 103.243.164.0/22 6173 0.2% AS59217 -- AZONNELIMITED-AS-AP Azonne Limited 19 - 67.210.188.0/23 6153 0.2% AS11976 -- FIDN - Fidelity Communication International Inc. 20 - 217.64.96.0/20 5655 0.2% AS21271 -- SOTELMABGP Details at http://bgpupdates.potaroo.net ------------------------------------ Copies of this report are mailed to: nanog(a)nanog.org eof-list(a)ripe.net apops(a)apops.net routing-wg(a)ripe.net afnog(a)afnog.org

1 0

The Cidr Report
by cidr-report＠potaroo.net 06 Dec '13

06 Dec '13

This report has been generated at Fri Dec 6 21:13:57 2013 AEST. The report analyses the BGP Routing Table of AS2.0 router and generates a report on aggregation potential within the table. Check http://www.cidr-report.org for a current version of this report. Recent Table History Date Prefixes CIDR Agg 29-11-13 485190 274098 30-11-13 485543 274016 01-12-13 485557 274109 02-12-13 484805 274254 03-12-13 485255 273951 04-12-13 484901 274262 05-12-13 484986 274625 06-12-13 485100 274200 AS Summary 45786 Number of ASes in routing system 18791 Number of ASes announcing only one prefix 4208 Largest number of prefixes announced by an AS AS7029 : WINDSTREAM - Windstream Communications Inc 118909696 Largest address span announced by an AS (/32s) AS4134 : CHINANET-BACKBONE No.31,Jin-rong Street Aggregation Summary The algorithm used in this report proposes aggregation only when there is a precise match using the AS path, so as to preserve traffic transit policies. Aggregation is also proposed across non-advertised address space ('holes'). --- 06Dec13 --- ASnum NetsNow NetsAggr NetGain % Gain Description Table 485084 274137 210947 43.5% All ASes AS28573 3421 96 3325 97.2% NET Serviços de Comunicação S.A. AS6389 3038 56 2982 98.2% BELLSOUTH-NET-BLK - BellSouth.net Inc. AS17974 2720 178 2542 93.5% TELKOMNET-AS2-AP PT Telekomunikasi Indonesia AS7029 4208 1727 2481 59.0% WINDSTREAM - Windstream Communications Inc AS4766 2955 961 1994 67.5% KIXS-AS-KR Korea Telecom AS22773 2299 440 1859 80.9% ASN-CXA-ALL-CCI-22773-RDC - Cox Communications Inc. AS18881 1708 31 1677 98.2% Global Village Telecom AS10620 2693 1070 1623 60.3% Telmex Colombia S.A. AS18566 2051 566 1485 72.4% MEGAPATH5-US - MegaPath Corporation AS4323 2956 1521 1435 48.5% TWTC - tw telecom holdings, inc. AS36998 1854 457 1397 75.4% SDN-MOBITEL AS1785 2048 669 1379 67.3% AS-PAETEC-NET - PaeTec Communications, Inc. AS7303 1736 472 1264 72.8% Telecom Argentina S.A. AS4755 1793 582 1211 67.5% TATACOMM-AS TATA Communications formerly VSNL is Leading ISP AS7552 1202 142 1060 88.2% VIETEL-AS-AP Vietel Corporation AS22561 1239 254 985 79.5% AS22561 - CenturyTel Internet Holdings, Inc. AS9829 1538 636 902 58.6% BSNL-NIB National Internet Backbone AS35908 922 93 829 89.9% VPLSNET - Krypt Technologies AS7545 2113 1301 812 38.4% TPG-INTERNET-AP TPG Telecom Limited AS18101 985 182 803 81.5% RELIANCE-COMMUNICATIONS-IN Reliance Communications Ltd.DAKC MUMBAI AS4808 1144 380 764 66.8% CHINA169-BJ CNCGROUP IP network China169 Beijing Province Network AS24560 1098 369 729 66.4% AIRTELBROADBAND-AS-AP Bharti Airtel Ltd., Telemedia Services AS701 1511 784 727 48.1% UUNET - MCI Communications Services, Inc. d/b/a Verizon Business AS8151 1376 649 727 52.8% Uninet S.A. de C.V. AS6983 1292 578 714 55.3% ITCDELTA - ITC^Deltacom AS13977 855 143 712 83.3% CTELCO - FAIRPOINT COMMUNICATIONS, INC. AS6147 793 108 685 86.4% Telefonica del Peru S.A.A. AS855 732 58 674 92.1% CANET-ASN-4 - Bell Aliant Regional Communications, Inc. AS4780 1020 354 666 65.3% SEEDNET Digital United Inc. AS4788 873 228 645 73.9% TMNET-AS-AP TM Net, Internet Service Provider Total 54173 15085 39088 72.2% Top 30 total Possible Bogus Routes 27.54.116.0/22 AS55452 27.54.116.0/24 AS55452 27.54.119.0/24 AS55452 27.100.7.0/24 AS56096 62.61.220.0/24 AS24974 TACHYON-EU Tachyon Europe BV 62.61.221.0/24 AS24974 TACHYON-EU Tachyon Europe BV 62.122.216.0/22 AS48727 63.247.0.0/19 AS226 LOS-NETTOS-AS - Los Nettos 63.247.0.0/24 AS27609 63.247.1.0/24 AS27609 63.247.2.0/24 AS27609 63.247.3.0/24 AS27609 63.247.4.0/24 AS27609 63.247.5.0/24 AS27609 63.247.6.0/24 AS27609 63.247.7.0/24 AS27609 63.247.8.0/24 AS27609 63.247.9.0/24 AS27609 63.247.10.0/24 AS27609 63.247.11.0/24 AS27609 63.247.13.0/24 AS27609 63.247.14.0/24 AS27609 63.247.15.0/24 AS27609 63.247.16.0/24 AS27609 63.247.17.0/24 AS27609 63.247.18.0/24 AS27609 63.247.19.0/24 AS27609 63.247.20.0/24 AS27609 63.247.21.0/24 AS27609 63.247.22.0/24 AS27609 63.247.23.0/24 AS27609 63.247.24.0/24 AS27609 63.247.25.0/24 AS27609 63.247.26.0/24 AS27609 63.247.27.0/24 AS27609 63.247.28.0/24 AS27609 63.247.29.0/24 AS27609 64.25.16.0/23 AS19535 64.25.20.0/24 AS19535 64.25.21.0/24 AS19535 64.25.22.0/24 AS19535 64.25.27.0/24 AS7046 RFC2270-UUNET-CUSTOMER - MCI Communications Services, Inc. d/b/a Verizon Business 64.111.0.0/20 AS8039 CCC-ASN-1 - Cinergy Communications 64.111.160.0/20 AS40551 64.111.160.0/24 AS40551 64.111.161.0/24 AS40551 64.111.162.0/24 AS40551 64.111.167.0/24 AS40551 64.111.169.0/24 AS40551 64.111.170.0/24 AS40551 64.111.171.0/24 AS40551 64.111.172.0/24 AS40551 64.111.173.0/24 AS40551 64.111.174.0/24 AS40551 64.111.175.0/24 AS40551 64.185.224.0/24 AS27431 JTLNET - JTL Networks Inc. 64.185.225.0/24 AS27431 JTLNET - JTL Networks Inc. 64.185.226.0/24 AS27431 JTLNET - JTL Networks Inc. 64.185.227.0/24 AS27431 JTLNET - JTL Networks Inc. 64.185.228.0/24 AS27431 JTLNET - JTL Networks Inc. 64.185.229.0/24 AS27431 JTLNET - JTL Networks Inc. 64.185.230.0/24 AS27431 JTLNET - JTL Networks Inc. 64.185.231.0/24 AS27431 JTLNET - JTL Networks Inc. 64.185.232.0/24 AS27431 JTLNET - JTL Networks Inc. 64.185.233.0/24 AS27431 JTLNET - JTL Networks Inc. 64.185.234.0/24 AS27431 JTLNET - JTL Networks Inc. 64.185.235.0/24 AS27431 JTLNET - JTL Networks Inc. 64.185.236.0/24 AS27431 JTLNET - JTL Networks Inc. 64.185.237.0/24 AS27431 JTLNET - JTL Networks Inc. 64.185.238.0/24 AS27431 JTLNET - JTL Networks Inc. 64.185.239.0/24 AS27431 JTLNET - JTL Networks Inc. 64.202.48.0/22 AS23380 64.202.52.0/23 AS23380 64.202.54.0/24 AS23380 64.202.55.0/24 AS23380 64.202.56.0/22 AS23380 64.202.60.0/24 AS23380 64.202.61.0/24 AS23380 64.202.62.0/24 AS23380 64.202.63.0/24 AS23380 65.75.216.0/23 AS10494 AAI - Accurate Automation, Inc. 65.75.217.0/24 AS10494 AAI - Accurate Automation, Inc. 65.111.1.0/24 AS32258 SDNGLOBAL - SDN Global 66.11.112.0/20 AS14572 66.55.96.0/23 AS17203 66.55.98.0/24 AS17203 66.55.99.0/24 AS17203 66.55.100.0/22 AS17203 66.55.102.0/23 AS17203 66.55.104.0/21 AS17203 66.180.64.0/21 AS32558 ZEUTER - Zeuter Development Corporation 66.180.239.0/24 AS35888 VIGNETTE - VIGNETTE CORPORATION 66.187.240.0/20 AS14552 ACS-SOUTHEASTDATACENTER - Affiliated Computer Services, Inc. 66.205.224.0/19 AS16526 BIRCH-TELECOM - Birch Telecom, Inc. 66.206.208.0/22 AS23380 66.206.211.0/24 AS14288 MPINET - MPInet 66.206.212.0/24 AS23380 66.206.213.0/24 AS14288 MPINET - MPInet 66.206.214.0/24 AS23380 66.206.215.0/24 AS23380 66.206.216.0/23 AS14288 MPINET - MPInet 66.206.218.0/23 AS23380 66.206.220.0/22 AS23380 66.251.128.0/24 AS33227 BLUEBRIDGE-NETWORKS - Blue Bridge Networks 66.251.133.0/24 AS33227 BLUEBRIDGE-NETWORKS - Blue Bridge Networks 66.251.134.0/24 AS33227 BLUEBRIDGE-NETWORKS - Blue Bridge Networks 66.251.136.0/21 AS33227 BLUEBRIDGE-NETWORKS - Blue Bridge Networks 66.251.140.0/24 AS33227 BLUEBRIDGE-NETWORKS - Blue Bridge Networks 66.251.141.0/24 AS33227 BLUEBRIDGE-NETWORKS - Blue Bridge Networks 66.251.142.0/24 AS33227 BLUEBRIDGE-NETWORKS - Blue Bridge Networks 66.254.160.0/20 AS11402 CCCAS-1 - Charlotte Colocation Center, LLc 66.254.176.0/21 AS11402 CCCAS-1 - Charlotte Colocation Center, LLc 66.254.184.0/22 AS11402 CCCAS-1 - Charlotte Colocation Center, LLc 66.254.188.0/22 AS35916 MULTA-ASN1 - MULTACOM CORPORATION 67.21.144.0/22 AS174 COGENT Cogent/PSI 67.21.148.0/22 AS174 COGENT Cogent/PSI 69.46.224.0/20 AS32592 HUNT-BROTHERS-OF-LOUISIANA-LLC - Hunt Brothers 69.46.236.0/24 AS32592 HUNT-BROTHERS-OF-LOUISIANA-LLC - Hunt Brothers 71.19.134.0/23 AS3313 INET-AS BT Italia S.p.A. 72.19.0.0/19 AS16526 BIRCH-TELECOM - Birch Telecom, Inc. 72.35.224.0/22 AS30097 NUWAVE - NuWave 72.35.232.0/21 AS6246 AVALONTEL - AvalonTel 72.44.16.0/20 AS15054 NORTHEAST-TEXAS-BROADBAND-LLC - Northeast Texas Broadband, LLC 74.112.100.0/22 AS16764 74.113.200.0/23 AS46939 74.114.52.0/22 AS40818 74.114.52.0/23 AS40818 74.114.52.0/24 AS40818 74.114.53.0/24 AS40818 74.114.54.0/23 AS40818 74.114.54.0/24 AS40818 74.114.55.0/24 AS40818 74.114.140.0/22 AS32757 74.115.124.0/23 AS46540 NARSASN - National Asset Recovery Services, Inc 74.118.132.0/22 AS5117 91.193.60.0/22 AS3356 LEVEL3 Level 3 Communications 91.195.66.0/23 AS3356 LEVEL3 Level 3 Communications 91.197.36.0/22 AS43359 91.199.90.0/24 AS44330 91.207.152.0/24 AS64100 91.207.153.0/24 AS64100 91.209.115.0/24 AS31103 KEYWEB-AS Keyweb AG 91.212.54.0/24 AS21409 IKOULA Ikoula Net SAS 93.190.8.0/24 AS47254 93.190.9.0/24 AS47254 93.190.10.0/24 AS47254 94.158.16.0/22 AS3257 TINET-BACKBONE Tinet SpA 94.158.20.0/22 AS3257 TINET-BACKBONE Tinet SpA 94.158.24.0/22 AS3257 TINET-BACKBONE Tinet SpA 94.158.28.0/22 AS3257 TINET-BACKBONE Tinet SpA 100.100.0.0/24 AS4847 CNIX-AP China Networks Inter-Exchange 102.2.88.0/22 AS38456 PACTEL-AS-AP Pacific Teleports. 103.11.1.0/24 AS9822 AMNET-AU-AP Amnet IT Services Pty Ltd 103.13.184.0/23 AS58674 103.15.228.0/22 AS38809 NXGNET-AS-AP Nextgen Networks 103.15.228.0/23 AS38809 NXGNET-AS-AP Nextgen Networks 103.15.230.0/23 AS38809 NXGNET-AS-AP Nextgen Networks 103.21.72.0/22 AS13244 103.21.75.0/24 AS13244 116.206.72.0/24 AS6461 MFNX MFN - Metromedia Fiber Network 116.206.85.0/24 AS6461 MFNX MFN - Metromedia Fiber Network 116.206.103.0/24 AS6461 MFNX MFN - Metromedia Fiber Network 117.120.56.0/21 AS4755 TATACOMM-AS TATA Communications formerly VSNL is Leading ISP 121.46.0.0/16 AS4134 CHINANET-BACKBONE No.31,Jin-rong Street 124.64.0.0/10 AS4847 CNIX-AP China Networks Inter-Exchange 164.40.184.0/24 AS19821 172.102.0.0/22 AS4812 CHINANET-SH-AP China Telecom (Group) 172.116.0.0/24 AS7018 ATT-INTERNET4 - AT&T Services, Inc. 174.136.192.0/18 AS14572 178.218.240.0/24 AS44109 PROJECT-A-AS Stroy-Industria-1 LLC 178.218.241.0/24 AS44109 PROJECT-A-AS Stroy-Industria-1 LLC 178.218.242.0/24 AS44109 PROJECT-A-AS Stroy-Industria-1 LLC 178.218.243.0/24 AS44109 PROJECT-A-AS Stroy-Industria-1 LLC 178.218.244.0/24 AS44109 PROJECT-A-AS Stroy-Industria-1 LLC 178.218.245.0/24 AS44109 PROJECT-A-AS Stroy-Industria-1 LLC 178.218.246.0/24 AS44109 PROJECT-A-AS Stroy-Industria-1 LLC 178.218.247.0/24 AS44109 PROJECT-A-AS Stroy-Industria-1 LLC 178.218.248.0/24 AS44109 PROJECT-A-AS Stroy-Industria-1 LLC 178.218.249.0/24 AS44109 PROJECT-A-AS Stroy-Industria-1 LLC 178.218.250.0/24 AS44109 PROJECT-A-AS Stroy-Industria-1 LLC 178.218.251.0/24 AS44109 PROJECT-A-AS Stroy-Industria-1 LLC 178.218.252.0/24 AS44109 PROJECT-A-AS Stroy-Industria-1 LLC 178.218.253.0/24 AS44109 PROJECT-A-AS Stroy-Industria-1 LLC 178.218.254.0/24 AS44109 PROJECT-A-AS Stroy-Industria-1 LLC 178.218.255.0/24 AS44109 PROJECT-A-AS Stroy-Industria-1 LLC 185.42.96.0/22 AS47139 INDIGO-TADZHIKISTAN-AS CJSC INDIGO TAJIKISTAN 185.42.96.0/23 AS47139 INDIGO-TADZHIKISTAN-AS CJSC INDIGO TAJIKISTAN 185.42.98.0/23 AS47139 INDIGO-TADZHIKISTAN-AS CJSC INDIGO TAJIKISTAN 190.3.160.0/21 AS27975 SYNAPSIS COLOMBIA SAS 190.15.72.0/21 AS15146 CABLEBAHAMAS - Cable Bahamas 190.124.252.0/22 AS7303 Telecom Argentina S.A. 192.166.32.0/20 AS702 AS702 Verizon Business EMEA - Commercial IP service provider in Europe 193.9.59.0/24 AS1257 TELE2 193.16.106.0/24 AS31539 193.22.224.0/20 AS3322 193.22.238.0/23 AS6824 HERMES-NETWORK Hermes Telecom International Ltd 193.109.15.0/24 AS12690 MKSNET-AS MKS Autonomous System 193.164.152.0/24 AS3356 LEVEL3 Level 3 Communications 193.178.217.0/24 AS20737 193.188.252.0/24 AS8697 JTC-AS8697 Jordan Telecommunications Company 193.202.8.0/21 AS3322 193.254.218.0/23 AS25229 VOLIA-AS Kyivski Telekomunikatsiyni Merezhi LLC 194.34.56.0/24 AS3549 GBLX Global Crossing Ltd. 194.34.56.0/25 AS3549 GBLX Global Crossing Ltd. 194.34.56.128/26 AS3549 GBLX Global Crossing Ltd. 194.50.82.0/24 AS16276 OVH OVH Systems 194.63.152.0/22 AS3356 LEVEL3 Level 3 Communications 194.79.48.0/22 AS39117 194.113.27.0/24 AS12518 SHLINK SHLINK Internet Service 194.126.219.0/24 AS34545 195.28.168.0/23 AS8655 195.114.4.0/23 AS41158 195.128.240.0/23 AS21202 DCSNET-AS Bredband2 AB 195.130.208.0/24 AS16265 LEASEWEB LeaseWeb B.V. 195.216.234.0/24 AS31309 NMV-AS New Media Ventures BVBA 195.234.156.0/24 AS25028 200.1.112.0/24 AS29754 GO2TEL GO2TEL.COM INC. 200.18.112.0/20 AS1916 Associação Rede Nacional de Ensino e Pesquisa 200.58.248.0/21 AS27849 201.71.16.0/20 AS28638 EMTEC EMPRESA DE TECNOLOGIA EMPREENDIMENTOS DE COM 202.8.106.0/24 AS9530 SHINSEGAE-AS SHINSEGAE I&C Co., Ltd. 202.12.123.0/24 AS57792 PROVITEX-AS PE Glazunov Yuriy Anatol'yevich 202.49.33.0/24 AS7657 VODAFONE-NZ-NGN-AS Vodafone NZ Ltd. 202.58.113.0/24 AS19161 202.59.240.0/24 AS17477 MCT-SYDNEY Macquarie Telecom 202.83.120.0/21 AS37972 202.83.124.0/24 AS37972 202.83.125.0/24 AS37972 202.83.126.0/24 AS37972 202.94.1.0/24 AS4808 CHINA169-BJ CNCGROUP IP network China169 Beijing Province Network 202.129.208.0/24 AS57792 PROVITEX-AS PE Glazunov Yuriy Anatol'yevich 202.158.251.0/24 AS9255 CONNECTPLUS-AS Singapore Telecom 202.174.125.0/24 AS9498 BBIL-AP BHARTI Airtel Ltd. 202.179.134.0/24 AS23966 LDN-AS-PK LINKdotNET Telecom Limited 203.23.1.0/24 AS18111 NETSPEED-AS-AP Netspeed Internet Communications 203.24.38.0/24 AS18111 NETSPEED-AS-AP Netspeed Internet Communications 203.30.127.0/24 AS18111 NETSPEED-AS-AP Netspeed Internet Communications 203.32.86.0/23 AS18111 NETSPEED-AS-AP Netspeed Internet Communications 203.32.86.0/24 AS18111 NETSPEED-AS-AP Netspeed Internet Communications 203.32.87.0/24 AS18111 NETSPEED-AS-AP Netspeed Internet Communications 203.142.219.0/24 AS45149 203.191.56.0/21 AS38042 INCOMNET-MONGOLIA-AS-AP Incomnet LLC, Mongolia, VSAT and Wireless service 204.9.32.0/24 AS25617 204.9.33.0/24 AS25617 204.9.34.0/24 AS25617 204.9.35.0/24 AS25617 204.9.116.0/22 AS30097 NUWAVE - NuWave 204.10.88.0/21 AS3356 LEVEL3 Level 3 Communications 204.10.92.0/23 AS30097 NUWAVE - NuWave 204.10.94.0/23 AS30097 NUWAVE - NuWave 204.13.12.0/22 AS32952 204.14.208.0/21 AS32952 204.14.213.0/24 AS40067 NEWEGG - Newegg Inc. 204.15.208.0/22 AS13706 COMPLETEWEBNET - CompleteWeb.Net LLC 204.69.144.0/24 AS27283 RJF-INTERNET - Raymond James Financial, Inc. 204.106.16.0/24 AS4323 TWTC - tw telecom holdings, inc. 204.115.110.0/23 AS53709 204.187.11.0/24 AS51113 ELEKTA-AS Elekta 204.225.173.0/24 AS6407 PRIMUS-AS6407 - Primus Telecommunications Canada Inc. 205.159.44.0/24 AS40157 ADESA-CORP-AS - ADESA Corp 205.207.66.0/24 AS15290 ALLST-15290 - Allstream Corp. 205.211.160.0/24 AS30045 UHN-ASN - University Health Network 205.236.71.0/24 AS852 ASN852 - TELUS Communications Inc. 206.81.112.0/20 AS32618 ADKNO-KC - Adknowledge, Inc. 206.197.184.0/24 AS23304 DATOTEL-STL-AS - Datotel LLC, a NetLabs LLC Company 206.221.176.0/24 AS27431 JTLNET - JTL Networks Inc. 206.221.177.0/24 AS27431 JTLNET - JTL Networks Inc. 206.221.178.0/24 AS27431 JTLNET - JTL Networks Inc. 206.221.179.0/24 AS27431 JTLNET - JTL Networks Inc. 206.221.180.0/24 AS27431 JTLNET - JTL Networks Inc. 206.221.181.0/24 AS27431 JTLNET - JTL Networks Inc. 206.221.182.0/24 AS27431 JTLNET - JTL Networks Inc. 206.221.183.0/24 AS27431 JTLNET - JTL Networks Inc. 206.221.184.0/24 AS27431 JTLNET - JTL Networks Inc. 206.221.185.0/24 AS27431 JTLNET - JTL Networks Inc. 206.221.186.0/24 AS27431 JTLNET - JTL Networks Inc. 206.221.187.0/24 AS27431 JTLNET - JTL Networks Inc. 206.221.188.0/24 AS27431 JTLNET - JTL Networks Inc. 206.221.189.0/24 AS27431 JTLNET - JTL Networks Inc. 206.221.190.0/24 AS27431 JTLNET - JTL Networks Inc. 206.221.191.0/24 AS27431 JTLNET - JTL Networks Inc. 207.174.131.0/24 AS26116 INDRA - Indra's Net Inc 207.174.132.0/23 AS26116 INDRA - Indra's Net Inc 207.174.152.0/23 AS26116 INDRA - Indra's Net Inc 207.174.154.0/24 AS26116 INDRA - Indra's Net Inc 207.174.155.0/24 AS26116 INDRA - Indra's Net Inc 207.174.200.0/24 AS22658 EARTHNET - Earthnet, Inc. 207.231.96.0/19 AS11194 NUNETPA - NuNet Inc. 207.254.128.0/21 AS30689 FLOW-NET - FLOW 207.254.128.0/24 AS30689 FLOW-NET - FLOW 207.254.136.0/21 AS30689 FLOW-NET - FLOW 208.66.120.0/22 AS32757 208.68.180.0/22 AS4323 TWTC - tw telecom holdings, inc. 208.74.16.0/21 AS32952 208.74.224.0/22 AS174 COGENT Cogent/PSI 208.75.152.0/21 AS32146 208.76.20.0/24 AS31812 208.76.21.0/24 AS31812 208.77.164.0/24 AS22659 208.77.165.0/24 AS22659 208.77.166.0/24 AS22659 208.77.167.0/24 AS22659 208.83.53.0/24 AS40569 YGOMI-AS - Ygomi LLC 208.84.232.0/24 AS33131 208.84.234.0/24 AS33131 208.84.237.0/24 AS33131 208.84.238.0/24 AS33131 208.85.116.0/23 AS25956 ALPHEUS - Alpheus Data Services, L.L.C. 208.85.212.0/22 AS32618 ADKNO-KC - Adknowledge, Inc. 208.89.32.0/24 AS27431 JTLNET - JTL Networks Inc. 208.89.33.0/24 AS27431 JTLNET - JTL Networks Inc. 208.89.34.0/24 AS27431 JTLNET - JTL Networks Inc. 208.89.35.0/24 AS27431 JTLNET - JTL Networks Inc. 208.91.72.0/24 AS17361 BRASS - Sungard Trading System (ASC) 208.91.73.0/24 AS17361 BRASS - Sungard Trading System (ASC) 208.91.76.0/23 AS21681 ANDOVER-TRADING - ANDOVER TRADING 208.91.164.0/22 AS46099 208.92.224.0/22 AS32757 208.92.226.0/24 AS32757 209.161.96.0/20 AS8039 CCC-ASN-1 - Cinergy Communications 209.177.64.0/20 AS6461 MFNX MFN - Metromedia Fiber Network 209.193.112.0/20 AS209 ASN-QWEST-US NOVARTIS-DMZ-US 209.209.51.0/24 AS18687 MPOWER-2 - MPOWER COMMUNICATIONS CORP. 209.209.64.0/20 AS46851 IPARADIGMS - iParadigms, LLC 209.212.63.0/24 AS16467 ASN-NEXTWEB-R1 - Nextweb, Inc 209.213.0.0/20 AS33005 ELTOPIA - Eltopia.com, LLC 209.234.112.0/23 AS32252 209.234.114.0/23 AS32252 209.234.116.0/24 AS32252 209.234.117.0/24 AS32252 209.234.118.0/24 AS32252 209.234.119.0/24 AS32252 209.234.120.0/24 AS32252 209.234.121.0/24 AS32252 209.234.122.0/24 AS32252 212.119.32.0/19 AS12550 213.184.64.0/24 AS13071 213.184.65.0/24 AS13071 213.184.66.0/24 AS13071 213.184.67.0/24 AS13071 213.184.68.0/24 AS13071 213.184.69.0/24 AS13071 213.184.70.0/24 AS13071 213.184.71.0/24 AS13071 213.184.72.0/24 AS13071 213.184.73.0/24 AS13071 213.184.74.0/24 AS13071 213.184.75.0/24 AS13071 213.184.76.0/24 AS13071 213.184.77.0/24 AS13071 213.184.78.0/24 AS13071 216.12.163.0/24 AS26627 AS-PILOSOFT - Pilosoft, Inc. 216.14.64.0/20 AS14728 216.146.0.0/19 AS11915 TELWEST-NETWORK-SVCS-STATIC - TEL WEST COMMUNICATIONS LLC 216.152.24.0/22 AS22773 ASN-CXA-ALL-CCI-22773-RDC - Cox Communications Inc. 216.170.96.0/24 AS4565 MEGAPATH2-US - MegaPath Networks Inc. 216.170.101.0/24 AS4565 MEGAPATH2-US - MegaPath Networks Inc. 216.170.104.0/24 AS4565 MEGAPATH2-US - MegaPath Networks Inc. 216.170.105.0/24 AS4565 MEGAPATH2-US - MegaPath Networks Inc. 216.234.128.0/22 AS14545 ADR-DRIVING-RECORDS - AMERICAN DRIVING RECORDS, INC. 216.234.132.0/24 AS14545 ADR-DRIVING-RECORDS - AMERICAN DRIVING RECORDS, INC. 216.234.139.0/24 AS14545 ADR-DRIVING-RECORDS - AMERICAN DRIVING RECORDS, INC. Please see http://www.cidr-report.org for the full report ------------------------------------ Copies of this report are mailed to: nanog(a)nanog.org eof-list(a)ripe.net apops(a)apops.net routing-wg(a)ripe.net afnog(a)afnog.org

1 0