I've seen presos on RIS for donkeys years - the earliest one I can find online was in APRICOT 2001 What do you think is going to drive more adoption of this (and filtering based on IRR data)? We all know who is using them and who isn’t. The ones who don't use it leak routes, a lot. Come to think of it, Philip and Geoff have been presenting their CIDR report on aggregation for even longer than that. I haven't seen their list of prefixes that could do with a ton of aggregation getting any smaller .. Based on all this, I remain unconvinced that this problem is going to be solved by other than policy based means. --srs On 05/04/19, 12:44 PM, "anti-abuse-wg on behalf of Wolfgang Tremmel" <anti-abuse-wg-bounces@ripe.net on behalf of wolfgang.tremmel@de-cix.net> wrote: Which is why services like RIPE RIS are so valuable to the community. If anybody would just send its full BGP table to RIS detecting hijacks (and later proofing that they happened) would be much easier. If you do not know what I am talking about, read: https://www.ripe.net/analyse/internet-measurements/routing-information-servi... ...and setup a BGP session to RIS. Wolfgang > On 5. Apr 2019, at 01:43, Suresh Ramasubramanian <ops.lists@gmail.com> wrote: > > You might find a hijacked prefix advertised solely to a single asn at an ix where it peers, and this for the purpose of spamming to or otherwise attacking whoever owns the asn. Most of these targeted announcements might not even be visible to anyone else. > -- Wolfgang Tremmel Phone +49 69 1730902 26 | Fax +49 69 4056 2716 | Mobile +49 171 8600 816 | wolfgang.tremmel@de-cix.net Executive Directors: Harald A. Summa and Sebastian Seifert | Trade Registry: AG Cologne, HRB 51135 DE-CIX Management GmbH | Lindleystrasse 12 | 60314 Frankfurt am Main | Germany | www.de-cix.net