[sg-ops] suspect AWS route leak from AS206776 and leak through Starhub
Alan Woo Shian Loong
alan at ne.com.sg
Sun Mar 25 12:18:20 SGT 2018
Hi,
The following 2 /24 is use by AWS load balancer, and leak from AS206776 via
Starhub, application connect to the following maybe subject to MITM attack.
13.228.161.0/24
13.250.135.0/24
Affected party shall be provider / network using Starhub
Traceroute from Starhub
traceroute to 13.228.161.243 (13.228.161.243), 30 hops max, 60 byte packets
1 203.116.178.1 (203.116.178.1) 0.198 ms 0.171 ms 0.137 ms
2 203.117.190.73 (203.117.190.73) 3.758 ms 3.731 ms 3.738 ms
3 203.118.15.237 (203.118.15.237) 1.566 ms 203.118.15.241
(203.118.15.241) 3.600 ms 203.118.15.237 (203.118.15.237) 3.608 ms
4 203.118.2.26 (203.118.2.26) 3.591 ms 3.618 ms 203.118.2.30
(203.118.2.30) 3.568 ms
5 anutli13.starhub.net.sg (203.118.12.42) 3.681 ms
anutli13.starhub.net.sg (203.118.12.46) 3.563 ms 3.500 ms
6 histate.telepoint-sofia.nl-ix.net (193.239.118.20) 205.024 ms 205.113
ms 207.147 ms
7 * * *
8 * * *
9 * * *
10 * * *
#show ip bgp 13.228.161.243
BGP routing table entry for 13.228.161.0/24, version 190199360
Paths: (1 available, best #1, table default)
4657 206776 38895
Alan Woo
NewMedia Express Pte Ltd
Mobile: +65 98574266
Office: +65 66368873
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://list.sgnog.net/pipermail/sgops/attachments/20180325/a438ca2a/attachment.html>
More information about the Sgops
mailing list