Andree Toonk – WindowsTechs.com

Popular Destinations rerouted to Russia

Posted on December 12, 2017 by Andree Toonk

Early this morning (UTC) our systems detected a suspicious event where many prefixes for high profile destinations were being announced by an unused Russian Autonomous System. Starting at 04:43 (UTC) 80 prefixes normally announced by organizations such Google, Apple, Facebook, Microsoft, Twitch, NTT Communications and Riot Games were now detected in the global BGP routing […] Continue reading Popular Destinations rerouted to Russia→

Today’s BGP leak in Brazil

Posted on October 21, 2017 by Andree Toonk

Earlier today several people noticed network reachability problems for networks such as Twitter, Google and others. The root cause turned out to be another BGP mishap. Some Google services seem to have been hijacked for roughly 15 minutes. Seen anything? @atoonk @bgpmon @bgpstreamMTR: https://t.co/RyCoE7zMld pic.twitter.com/DCT2JpKgsc— Fusl Neko Shy Dash (@OhNoItsFusl) October 21, 2017 Between 11:09 […] Continue reading Today’s BGP leak in Brazil→

BGP leak causing Internet outages in Japan and beyond.

Posted on August 26, 2017 by Andree Toonk

Yesterday some Internet users would have seen issues with their Internet connectivity, experiencing slowness or parts of the Internet as unreachable. This incident hit users in Japan particularly hard and it caused the Internal Affairs and Communications Ministry of Japan to start an investigation into what caused the large-scale internet disruption that slowed or blocked […] Continue reading BGP leak causing Internet outages in Japan and beyond.→

BGPstream and The Curious Case of AS12389

Posted on April 27, 2017 by Andree Toonk

The world of BGP routing is a fascinating place with lots of interesting BGP events happening every day. It can be challenging to keep track of it all and so two years ago we started the BGPstream website where we keep track of large scale outages and BGP hijacks. We list the events, basic info and visualize […] Continue reading BGPstream and The Curious Case of AS12389→

Large hijack affects reachability of high traffic destinations

Posted on April 22, 2016 by Andree Toonk

April 23, Update: NOC Team at innofield posted an explanation of the Incident in the comments section below. Starting today at 17:09 UTC our systems detected a large scale routing incident affecting hundreds of Autonomous systems. Many BGPmon users have received an email informing them of this change. Our initial investigation shows that the scope […] Continue reading Large hijack affects reachability of high traffic destinations→

Country wide outage in Azerbaijan

Posted on November 16, 2015 by Andree Toonk

It doesn’t happen often that a country with hundreds of prefixes is affected by a massive outage, however earlier today this unfortunately happened to Azerbaijan. Starting at 12:04 UTC approximately 94% of the prefixes out of Azerbaijan became unreachable. The event was reported on @bgpstream and details plus a replay can be found here: […] Continue reading Country wide outage in Azerbaijan→

Large scale BGP hijack out of India

Posted on November 6, 2015 by Andree Toonk

BGP hijacks happen every day, some of them affect more networks than others and every now and then there’s a major incident that affects thousands of networks. Our monitoring systems keep an eye out for our users and if you would like to have a general idea of what’s going on in the world of […] Continue reading Large scale BGP hijack out of India→

How Hacking Team Helped Italian Special Operations Group with BGP Routing Hijack

Posted on July 12, 2015 by Andree Toonk

By Andree Toonk and Dhia Mahjoub As part of the Hacking Team fall out and all the details published on Wikileaks, it became public knowledge that Hacking Team helped one of their customers Special Operations Group (ROS), regain access to Remote Access Tool (RAT) clients. As first reported here: http://blog.bofh.it/id_456 ROS recommended using BGP hijacking […] Continue reading How Hacking Team Helped Italian Special Operations Group with BGP Routing Hijack→

Massive route leak causes Internet slowdown

Posted on June 12, 2015 by Andree Toonk

Earlier today a massive route leak initiated by Telekom Malaysia (AS4788) caused significant network problems for the global routing system. Primarily affected was Level3 (AS3549 – formerly known as Global Crossing) and their customers. Below are some of the details as we know them now. Starting at 08:43 UTC today June 12th, AS4788 Telekom Malaysia started […] Continue reading Massive route leak causes Internet slowdown→

BGP Optimizer Causes Thousands Of Fake Routes

Posted on March 26, 2015 by Andree Toonk

Earlier today many BGPmon users received one or more alerts informing them that their autonomous system (AS) started to announce a more-specific prefix. BGPmon classified many of these alerts as possible BGP man-in-the-middle (MITM) attacks. Here is an example alert: ==================================================================== Possible BGP MITM attack (Code: 21) ==================================================================== Your prefix: 23.20.0.0/15: Prefix Description: acxiom-online.com — […] Continue reading BGP Optimizer Causes Thousands Of Fake Routes→