On Sun, 21 Aug 2011, Ken Chase wrote:
That said, what is the de jure responce when a prefix is hijacked? Does anyone have a 'best practices' guide? I am sure some of the most effective vs legal practices are not in fact concomittant.
It doesn't hurt to complain/announce about it here and various other NOGs. Spamhaus, SORBS, and possibly other DNSBLs might, if they buy the case, decide to list the space until the dispute is resolved, especially if its being used for spamming operations. But resolution is going to have to come from communications between the "owner", the relevant RIR, and the transit provider(s) (or possibly their transit providers) providing service to the hijacker. The RIRs can't stop anyone from announcing routes...but I suspect any legitimate NSP when approached by ARIN, RIPE, APNIC, etc. and told that routes they're propagating for a customer are hijacked, will accede to the opionion of the RIR. ---------------------------------------------------------------------- Jon Lewis, MCP :) | I route Senior Network Engineer | therefore you are Atlantic Net | _________ http://www.lewis.org/~jlewis/pgp for PGP public key_________