Three of ours just got jacked. I have tried to contact via email for update / fix of their end. -Mike -----Original Message----- From: Felix Aronsson [mailto:felix@mrfriday.com] Sent: Wednesday, April 02, 2014 3:22 PM To: Joseph Jenkins Cc: nanog@nanog.org Subject: Re: BGPMON Alert Questions Seeing the same here for a /21. This seems to have happened before with AS4761? See http://www.bgpmon.net/hijack-by-as4761-indosat-a-quick-report/from january 2011. On Wed, Apr 2, 2014 at 8:51 PM, Joseph Jenkins <joe@breathe-underwater.com>wrote:
So I setup BGPMON for my prefixes and got an alert about someone in Thailand announcing my prefix. Everything looks fine to me and I've checked a bunch of different Looking Glasses and everything announcing correctly.
I am assuming I should be contacting the provider about their misconfiguration and announcing my prefixes and get them to fix it. Any other recommendations?
Is there a way I can verify what they are announcing just to make sure they are still doing it?
Here is the alert for reference:
Your prefix: 8.37.93.0/24:
Update time: 2014-04-02 18:26 (UTC)
Detected by #peers: 2
Detected prefix: 8.37.93.0/24
Announced by: AS4761 (INDOSAT-INP-AP INDOSAT Internet Network Provider,ID)
Upstream AS: AS4651 (THAI-GATEWAY The Communications Authority of Thailand(CAT),TH)
ASpath: 18356 9931 4651 4761