Folx, On Sun, Jan 22, 2006 at 06:09:08PM +0000, Thor Lancelot Simon wrote:
This is hardly as serious as the last incident -- but, well, some people do seem to have all the luck, eh?
From where I'm standing this situation looks much more serious than the last one. It looks like Con Edison (AS27506) hijacked several prefixes other than just Panix's, and I'm not sure that they're done announcing them yet. I see ~70 new prefixes, many of whom are customers of Con Edison, but about 25 of these appear to have no previous relationship to 27506).
I won't bore people with to many details here (unless there is great interest) but a quick, rough-n-ready analysis is up at http://www.renesys.com/blog/2006/01/coned_steals_the_net.shtml for those that are curious. (For those that don't want to read it, I think one main punchline is that Con Edison spewed a bunch of routes they didn't own and UUNet and Verio believed them). Please let me know if you see errors in there. t. -- _____________________________________________________________________ todd underwood chief of operations & security renesys - internet intelligence todd@renesys.com www.renesys.com