[Dshield] Have spammers managed to forge the first received lines?

JD lists at webcrunchers.com
Sun Feb 8 07:26:27 GMT 2004


On Feb 1, 2004, at 11:19 AM, Pete Cap wrote:

> Spammers are hijacking IP space for a quite a while now. Usually they
> try to figure out assigned but unused IP space which they will then
> temporarily announce from other networks. Services like Renesys's
> 'GRADUS' service can be used to watch for announcement of one's IP 
> space
> from unauthorized sources.

Just what I thought.  I talked to some people in Germany,  just got back
and learned a lot of things,  but reporting hijacked IP's and who to 
report
them to,  presents a real problem.  You just don't know who the upstream
provider is,  unless you can somehow hack into the routers.

I wonder who or what agency manages these IP addresses and how they can
stop it.

I can't quite understand how this can happen unless these main upstream
routers are somehow hacked.   I've heard of exploits to Cisco routers
and certain hacks on them.   Is this how it's done?    One would think
these big pipe managers would know how to secure their systems.

John




More information about the list mailing list