Internet2 Network Security SIG

[John Kristoff <>]

On Wed, 15 Jun 2016 21:37:21 +0000
Michael Scarpellino 
<>
 wrote:

> I was not able to catch the presenter after the talk to discuss what
> we could do as a community, but I thought I would at least pass along
> this information along. I believe someone suggested ARIN reach out to
> Educause, so we will probably be hearing more about this in the
> future. In the meantime, awe all might at least review and update our
> POC data.

Hi Michael, I also suggested the REN-ISAC may be interested and able to
help coordinate any sort of alerting or triage.  It seems that there is
a lot of legacy space that might not just be susceptible due to
neglect, but that the legacy space is in disuse, making assignment
hijacking difficult not only to detect, but even to know who the
legitimate owner may be.

I caught up with Christoher Spears (@OARnet) after the talk and he
informed me that he has been doing some monitoring of some of this on
behalf of OARnet and for Internet2.

I was going to bring this up in the next REN-ISAC technical advisory
group meeting as something to begin educating the community about.
More eyes on this sort of thing wouldn't hurt.

John