|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: [Full-Disclosure] MediaSentry false positives?
Valdis.Kletnieks
vt.edu
Date: Wed Jan 05 2005 - 08:53:55 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Tue, 04 Jan 2005 23:22:27 CST, Kevin said:
> the complaint, or somebody on the Internet is spoofing BGP route
> announcements for unused address space out of larger allocations.
This is actually quite likely a possibility. There are enough tier-1's who do
a piss-poor job of filtering their BGP feeds that if you can inject an
announcement you can hijack the address block. This is being actively abused by
several different groups of spammers. You might want to wander over to the
NANOG list archives and search for 'BGP hijack' and/or poke one/several of the
BGP looking glasses out there to see if there's an announcement for your space.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)
Comment: Exmh version 2.5 07/13/2001
iD8DBQFB2/+DcC3lWbTT17ARAkKeAKCfh/E1397UjSS0lF1TDvSCjv+AgACeLd5y
HUxdbYd6FuBCeUq2mV3boX0=
=j7XR
-----END PGP SIGNATURE-----
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]