1. Advertising
    y u no do it?

    Advertising (learn more)

    Advertise virtually anything here, with CPM banner ads, CPM email ads and CPC contextual links. You can target relevant areas of the site and show ads based on geographical location of the user if you wish.

    Starts at just $1 per CPM or $0.10 per CPC.

US LEC abuse, takes over part of Bella Mia, Inc's network

Discussion in 'Security' started by Mia, Jan 23, 2007.

0
  1. #1
    What happened to Mia? It looks like, Bella Mia, Inc., when MIA (missing in action) on Monday January 22, 2007. The first 4 class C blocks in our IP range were hijacked. A company named US LEC (http://www.uslec.com) entered our netblock in the form of a /22 in their routers at or around 9AM US CST on the morning of January 22, 2007. This resulted in the first four blocks of our /20 being rendered unusable. Given that US LEC, while completely inept, has a much larger network than we do, and peers with in excess of 10 ISP's, it took us nearly 2 hours to regain control of our network.

    We called US LEC and our calls for help when unanswered. Their network engineer was completely unreachable. Instead we had to call each one of US LEC's providers and convince them to either shut down US LEC or filter them. Most carriers where impossible to deal with in this regard. Companies like Verizon, for example, refused to help with any abuse by one of their customers, unless we were an actual Verizon customer. Figure that out? One of the support people at Level 3 was able to not only filter the incorrectly advertised routes, they were also able to get ahold of US LEC and have them remove the offending routes.

    US LEC is a publicly traded company.
    US LEC's ASN in 1785
    US LEC has yet to contact us.
    US LEC has yet to apologize to us.
    US LEC has yet to even respond to us in any manor.
    US LEC's web site: http://uslec.com

    This company, IMO is completely irresponsible and should not be running a data network. While it is understandable that making mistakes can and will happen, a company of this size, a publicly traded corporation should have the resources to check their work. Further to that, US LEC should have people available to correct mistakes. US LEC cost my company considerable business, complaints, down time, and most of all MONEY.

    For those that do not understand completely what US LEC did. They entered our netblock into their routers and began advertising it out all of their providers as their own. Given their size, and the fact that they are not filtered by their providers, they were able to force each of their carriers, to announce Bella Mia, Inc.'s blocks as their own. Doing this meant customers in the affected blocks, which affected some 3,000 people, we unable communicate. Luckily most of our colo and dedicated server customers, etc., where located in blocks higher up in the /20 which left them unaffected. However, the damage done in the /22 was large enough that it caused quite a disruption for us, killed our DNS, mail, as well as several customer sites, wireless customers, dialup customers and more.

    At this point, I am not sure what our recourse is. I have no idea how to prevent something like this from occurring in the future, and I have no idea how I can quickly convince other ISP's, places like, Verizon for example, to assist us in this situation. At one point in a conversation with Verizon I had to pose as Home Land Security to get someone to talk to me.

    US LEC, you essentially FUCKED us, and you have yet to respond or apologize.
     
    Mia, Jan 23, 2007 IP
    Will.Spencer likes this.