black hat .cn networks

Kevin_Day3 · April 30, 2001, 10:37pm

http://wired.com/news/politics/0,1283,43437,00.html

Time to drop AS4134.

-Dan

Is that the right AS number? ARIN and APNIC have no knowledge of it... RIPE
says:

as-block: AS3354 - AS4607
descr: ARIN ASN block
remarks: These AS numbers are further assigned by ARIN
remarks: to ARIN members and end-users in the ARIN region
admin-c: ARIN1-RIPE
tech-c: ARIN1-RIPE
mnt-by: RIPE-NCC-HM-MNT
mnt-lower: RIPE-NCC-NONE-MNT
changed: ripe-dbm@ripe.net 20010423
source: RIPE

1112 · April 30, 2001, 10:47pm

connecting to whois.arin.net [192.149.252.21:43] ...
Data Communications Bureau (ASN-CHINALINK)
   40, Xue Yuan Lu
   Beijing
   100083
   CN

Autonomous System Name: CHINALINK
Autonomous System Number: 4134

   Coordinator:
      Wan, Jun (JW221-ARIN) dstanton@HQ.SI.NET
      (861)-201-2994 (FAX) (861)-205-3995

Record last updated on 01-Dec-1994.
Database last updated on 28-Apr-2001 22:45:44 EDT.

-Dan

Gary_E_Miller · April 30, 2001, 11:24pm

Yo Kevin!

> Time to drop AS4134.

Is that the right AS number? ARIN and APNIC have no knowledge of it... RIPE
says:

Time to update your whois client:

hobbes:/etc/mail# whois AS4134
Data Communications Bureau (ASN-CHINALINK)
   40, Xue Yuan Lu
   Beijing
   100083
   CN

Autonomous System Name: CHINALINK
Autonomous System Number: 4134

   Coordinator:
      Wan, Jun (JW221-ARIN) dstanton@HQ.SI.NET
      (861)-201-2994 (FAX) (861)-205-3995

Record last updated on 01-Dec-1994.
Database last updated on 28-Apr-2001 22:45:44 EDT.

The ARIN Registration Services Host contains ONLY Internet
Network Information: Networks, ASN's, and related POC's.
Please use the whois server at rs.internic.net for DOMAIN related
Information and whois.nic.mil for NIPRNET Information.

RGDS
GARY

Vivien_M · April 30, 2001, 11:24pm

ARIN seems to have knowledge of it from here, and that does seem right:
vivienm@amethyst:~$ whois -a 4134
Data Communications Bureau (ASN-CHINALINK)
   40, Xue Yuan Lu
   Beijing
   100083
   CN

Autonomous System Name: CHINALINK
Autonomous System Number: 4134

   Coordinator:
      Wan, Jun (JW221-ARIN) dstanton@HQ.SI.NET
      (861)-201-2994 (FAX) (861)-205-3995

Record last updated on 01-Dec-1994.
Database last updated on 28-Apr-2001 22:45:44 EDT.

The ARIN Registration Services Host contains ONLY Internet
Network Information: Networks, ASN's, and related POC's.
Please use the whois server at rs.internic.net for DOMAIN related
Information and whois.nic.mil for NIPRNET Information.

Vivien

Mark_Mentovai · April 30, 2001, 11:27pm

Kevin Day wrote:

Time to drop AS4134.

Is that the right AS number? ARIN and APNIC have no knowledge of it...

4134 is in ARIN's range:

John_Fraizer4 · April 30, 2001, 11:28pm

Data Communications Bureau (ASN-CHINALINK)
   40, Xue Yuan Lu
   Beijing
   100083
   CN

Autonomous System Name: CHINALINK
Autonomous System Number: 4134

   Coordinator:
      Wan, Jun (JW221-ARIN) dstanton@HQ.SI.NET
      (861)-201-2994 (FAX) (861)-205-3995

Record last updated on 01-Dec-1994.
Database last updated on 28-Apr-2001 22:45:44 EDT.

Steve_Schaefer1 · May 1, 2001, 12:12am

I think that's the right AS. ARIN has old data for it. The most recent
info is from the CW routing database, viewable through RADB.net

I'd hit current contacts and ask for cooperation before slamming the
primary AS for a whole country...

AS4134:

notify: staff@ns.bta.net.cn
mnt-by: CN-MAINT-MCI
changed: wwei@cndata.com 20001120

CN-MAINT-MCI:

mntner: CN-MAINT-MCI
descr: CN
admin-c: ZX2-CW
tech-c: WW7-CW
upd-to: rout-reg@ns.chinanet.cn.net
auth: MAIL-FROM wwei@cndata.com
auth: MAIL-FROM rout-reg@ns.chinanet.cn.net
auth: MAIL-FROM liujj@ns.chinanet.cn.net
notify: rout-reg@ns.chinanet.cn.net
mnt-by: CN-MAINT-MCI
changed: liujj@ns.chinanet.cn.net 20010408
source: CW

person: Zhang Xinjian
address: CN
phone: +1 999 999 9999
nic-hdl: ZX2-CW
mnt-by: CN-MAINT-MCI
changed: wwei@cndata.com 20001207
source: CW

person: W Wei
address: CN
phone: +1 999 999 9999
nic-hdl: WW7-CW
mnt-by: CN-MAINT-MCI
changed: wwei@cndata.com 20001207
source: CW

John_Fraizer4 · May 1, 2001, 3:21am

person: Zhang Xinjian
address: CN
phone: +1 999 999 9999
nic-hdl: ZX2-CW
mnt-by: CN-MAINT-MCI
changed: wwei@cndata.com 20001207
source: CW

person: W Wei
address: CN
phone: +1 999 999 9999
nic-hdl: WW7-CW
mnt-by: CN-MAINT-MCI
changed: wwei@cndata.com 20001207
source: CW

I just _love_ that valid telephone number. Sweet.

!
ip as-path access-list CHINALINK permit _4134_
!
route-map PEERS permit 10
match as-path CHINALINK
set ip next-hop 192.168.13.13
!

No more need for valid contact information.

Alex_Bligh1 · May 1, 2001, 9:59am

phone: +1 999 999 9999

...

I just _love_ that valid telephone number. Sweet.

!
ip as-path access-list CHINALINK permit _4134_
!
route-map PEERS permit 10
match as-path CHINALINK
set ip next-hop 192.168.13.13

Surely you must mean _1239_ (or
indeed any of the other of the huge
majority of AS numbers with imperfect
contact information).

amb@shed:~$ whois -h whois.radb.net AS1239
aut-num: AS1239
as-name: UNSPECIFIED
descr: SprintLink Backbone
admin-c: Sean Doran
tech-c: see MAINT-AS1239
mnt-by: MAINT-AS1790
changed: smd@sprint.net 19951126
source: RADB

person: Sean Doran
address: Sprint
                    VARESA0104
                    12502 Sunrise Valley Drive
                    Reston, VA 20191
                    USA
phone: +1 703 904-2089
fax-no: +1 703 904-2280
e-mail: smd@sprint.net
nic-hdl: SMD11
mnt-by: SPRINT
changed: smd@sprint.net 20010213
source: RADB