Re: Problems sending mail to yahoo?
[ should this move to nanog-futures? well, it's a quiet saturday ] > Collocation would be a useful idea - save airfare, hotel etc. immensely difficult. the nanog sc could not even get the nanog administrative structure to avoid a direct and damaging conflict with afnog for the next meeting. if successful, it will have taken over two years of work to get a meeting in the dominican republic. ... not that this might not be worth trying. just that it is extremely far from simple. >> otoh, being on the frobnitz program committee would be an interesting >> lesson and exercise in industry physics. > You think there's not enough convergence + shared interests in such > programs? different question. what i meant was that the synergies and tensions between the subject areas would be quite evident on a joint pc, and have to be worked out. doing so would be an educational experience. > I mean, abuse + security teams could care less about MPLS and peering, > but there is a lot they're discussing (walled gardens, botnet > mitigation etc) that does get discussed in far better detail at nanog. > Or at FIRST. yes. randy
Re: Problems sending mail to yahoo?
On Sat, Apr 12, 2008 at 9:02 AM, Randy Bush <[EMAIL PROTECTED]> wrote: > > Packet pushers go to *NOG. And the abuse desks mostly all go to > > MAAWG. And any CERTs / security types the ISP has go to FIRST and > > related events. And most of them never do coordinate internally, run > > by different groups probably in different cities ... > > "dear coo/ceo/whomever: i want approval to send the five folk who go to > nanog, and the five folk who go to maawg, and the five folk who go to > first to *all* go to the new frobnitz joint conference." Collocation would be a useful idea - save airfare, hotel etc. I had this lovely little experience where the lead CERT guy at ISP X was talking about a particular trojan that was hitting his ISP, and was hitting [ISP Y] and hitting [ISP Z]. He says "I saw these trojans hitting ISPs Y and Z but didnt know anybody there". If he'd just bothered to step across the hall and talk to his colleagues at ISP X's abuse desk.. they are, and have been for years, in regular contact with their counterparts at Y and Z - email, face to face, phone, IM etc. > otoh, being on the frobnitz program committee would be an interesting > lesson and exercise in industry physics. You think there's not enough convergence + shared interests in such programs? I mean, abuse + security teams could care less about MPLS and peering, but there is a lot they're discussing (walled gardens, botnet mitigation etc) that does get discussed in far better detail at nanog. Or at FIRST. srs
Re: Problems sending mail to yahoo?
Suresh Ramasubramanian wrote: > On Sat, Apr 12, 2008 at 2:34 AM, Barry Shein <[EMAIL PROTECTED]> > wrote: >> The lesson one should get from all this is that the ultimate harm >> of spammers et al is that they are succeeding in corrupting the >> idea of a standards-based internet. huh? i think that, with their attacks, they are actually helping to drive improvements in the standards. of course, the disfunction of the standards organizations does not make this as clean a process and as much of a win as it could be. but considering that security was not very thoroughly designed in the original standards, we're not doing all that badly. it's always gonna be a chase. > The lesson here is that different groups at the same ISPs go to > different places i am not sure that is so much a lesson as an observation. the lesson may be, in part, that this is sub-optimal. can it be changed? how? > Packet pushers go to *NOG. And the abuse desks mostly all go to > MAAWG. And any CERTs / security types the ISP has go to FIRST and > related events. And most of them never do coordinate internally, run > by different groups probably in different cities ... "dear coo/ceo/whomever: i want approval to send the five folk who go to nanog, and the five folk who go to maawg, and the five folk who go to first to *all* go to the new frobnitz joint conference." think that'll fly? otoh, being on the frobnitz program committee would be an interesting lesson and exercise in industry physics. when i first joined acm ('67), i could keep up with a significant portion of the literature. now i maybe see a single digit percentage. the field has broadened. the ops and other applied areas have similarly broadened and specialized. we are victims of our own success. randy
Re: Problems sending mail to yahoo?
On Sat, Apr 12, 2008 at 2:34 AM, Barry Shein <[EMAIL PROTECTED]> wrote: > The lesson one should get from all this is that the ultimate harm of > spammers et al is that they are succeeding in corrupting the idea of a > standards-based internet. The lesson here is that different groups at the same ISPs go to different places Packet pushers go to *NOG. And the abuse desks mostly all go to MAAWG. And any CERTs / security types the ISP has go to FIRST and related events. And most of them never do coordinate internally, run by different groups probably in different cities ... --srs
Re: /24 blocking by ISPs - Re: Problems sending mail to yahoo?
On Fri, Apr 11, 2008 at 8:37 PM, Raymond L. Corbin <[EMAIL PROTECTED]> wrote: > It's not unusual to do /24 blocks, however Yahoo claims they do not keep any > logs as to what causes the /24 We keep quite detailed logs. No comment about yahoo - I've never been at the other end of a /24 block from them srs
Re: Problems sending mail to yahoo?
> > The lesson one should get from all this is that the ultimate harm of > > spammers et al is that they are succeeding in corrupting the idea of a > > standards-based internet. > > > > Sites invent policies to try to survive in a deluge of spam and > > implement those policies in software. > > > > Usually they're loathe to even speak about how any of it works either > > for fear that disclosure will help spammers get around the software or > > fear that someone, maybe a customer maybe a litigious marketeer who > > feels unfairly excluded, will hold their feet to the fire. > > > > So it's a vast sea of security by obscurity and standards be damned. > > > > It's a real and serious failure of the IETF et al. > > Has anyone ever figured out what percentage of a connection to the > internet is now overhead i.e. spam, scan, viruses, etc? More than 5%? If > we put everyone behind 4to6 gateways would the spam crush the gateways > or would the gateways stop the spam? Would we add code to these > transitional gateways to make them do more than act like protocol > converters and then end up making them permanent because of "benefit"? > Perhaps there's more to transitioning to a new technology after all? > Maybe we could get rid of some of the cruft and right a few wrongs while > we're at it? We(*) can't even get BCP38 to work. Ha. Having nearly given up in disgust on trying to devise workable anti-spam solutions that would reliably deliver requested/desired mail to my own mailbox, I came to the realization that the real problem with the e-mail system is so fundamental that there's no trivial way to "save" it. Permission to mail is implied by simply knowing an e-mail address. If I provide "[EMAIL PROTECTED]" to a vendor in order to receive updates to an online order, the vendor may retain that address and then mail it again at a later date. Worse, if the vendor shares the address list with someone else, we eventually have the Millions CD problem - and I have no idea who was responsible. Giving out tagged addresses gave a somewhat useful way to track back the "who was responsible," but didn't really offload the spam from the mail server. I've "solved" my spam problem (or, more accurately, am in the process of slowly solving my spam problem) by changing the paradigm. If the problem is that knowing an e-mail address acts as the key to the mail box, then giving the same key to everyone is stupid. For vendors, I now give them a crypto-signed e-mail address(*2). By making the key a part of the DNS name, I can turn off reception for a "bad" sender (anyone I don't want to hear from anymore!) or a sender who's shared "my" address with their "affiliates" (block two for the price of one!) All other validated mail makes it to my mailbox without further spam filtering of any kind. This has been excessively effective, though doing it for random consumers poses a lot of interesting problems. However, it proves to me that one of the problems is the permission model currently used. The spam problem is potentially solvable, but there's a failure to figure out (at a leadership level) paradigm changes that could actually make a difference. There's a lot of resistance to changing anything about the way e-mail works, and understandably so. However, these are the sorts of things that we have to contemplate and evaluate if we're really interested in making fundamental changes that reduce or eliminate abuse. (*) fsvo "we" that doesn't include AS14536. (*2) I've omitted a detailed description of the strategy in use because it's not necessarily relevant to NANOG. I'm happy to discuss it with anyone interested. It has technical merit going for it, but it represents a significant divergence from current practice. ... JG -- Joe Greco - sol.net Network Services - Milwaukee, WI - http://www.sol.net "We call it the 'one bite at the apple' rule. Give me one chance [and] then I won't contact you again." - Direct Marketing Ass'n position on e-mail spam(CNN) With 24 million small businesses in the US alone, that's way too many apples.
RE: Problems sending mail to yahoo?
> -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of > Barry Shein > Sent: Friday, April 11, 2008 5:04 PM > To: nanog@merit.edu > Subject: Re: Problems sending mail to yahoo? > > > > The lesson one should get from all this is that the ultimate harm of > spammers et al is that they are succeeding in corrupting the idea of a > standards-based internet. > > Sites invent policies to try to survive in a deluge of spam and > implement those policies in software. > > Usually they're loathe to even speak about how any of it works either > for fear that disclosure will help spammers get around the software or > fear that someone, maybe a customer maybe a litigious marketeer who > feels unfairly excluded, will hold their feet to the fire. > > So it's a vast sea of security by obscurity and standards be damned. > > It's a real and serious failure of the IETF et al. Has anyone ever figured out what percentage of a connection to the internet is now overhead i.e. spam, scan, viruses, etc? More than 5%? If we put everyone behind 4to6 gateways would the spam crush the gateways or would the gateways stop the spam? Would we add code to these transitional gateways to make them do more than act like protocol converters and then end up making them permanent because of "benefit"? Perhaps there's more to transitioning to a new technology after all? Maybe we could get rid of some of the cruft and right a few wrongs while we're at it? > > P.S. Anyone else getting hit by sales calls for DDoS appliances and > other salespeople as a result of this thread? > > This fishing in NANOG waters by salespeople is irritating and a good > reason not to do business with these companies. > > I don't take my time to post on NANOG to invite a deluge of sales > calls. If we catch them, we'll act. We added some language related to that to the new AUP and have been able to act on it as a result. -- Martin Hannigan http://www.verneglobal.com/ Verne Global Datacenters e: [EMAIL PROTECTED] Keflavik, Icelandp: +16178216079
Re: Problems sending mail to yahoo?
The lesson one should get from all this is that the ultimate harm of spammers et al is that they are succeeding in corrupting the idea of a standards-based internet. Sites invent policies to try to survive in a deluge of spam and implement those policies in software. Usually they're loathe to even speak about how any of it works either for fear that disclosure will help spammers get around the software or fear that someone, maybe a customer maybe a litigious marketeer who feels unfairly excluded, will hold their feet to the fire. So it's a vast sea of security by obscurity and standards be damned. It's a real and serious failure of the IETF et al. P.S. Anyone else getting hit by sales calls for DDoS appliances and other salespeople as a result of this thread? This fishing in NANOG waters by salespeople is irritating and a good reason not to do business with these companies. I don't take my time to post on NANOG to invite a deluge of sales calls. -- -Barry Shein The World | [EMAIL PROTECTED] | http://www.TheWorld.com Purveyors to the Trade | Voice: 800-THE-WRLD| Login: Nationwide Software Tool & Die| Public Access Internet | SINCE 1989 *oo*
Re: Problems sending mail to yahoo?
JA> Date: Fri, 11 Apr 2008 10:22:11 -0400 JA> From: Joe Abley JA> To return to the topic at hand, you may already have outsourced the JA> coordination of your boycott to Yahoo!, too! They're already not JA> accepting your mail. There's no need to stop sending it! :-) Except for queue management. I just got off the phone with one client who requested precisely: "Can you just have [the servers] refuse to send mail to Yahoo?" Eddy -- Everquick Internet - http://www.everquick.net/ A division of Brotsman & Dreger, Inc. - http://www.brotsman.com/ Bandwidth, consulting, e-commerce, hosting, and network building Phone: +1 785 865 5885 Lawrence and [inter]national Phone: +1 316 794 8922 Wichita DO NOT send mail to the following addresses: [EMAIL PROTECTED] -*- [EMAIL PROTECTED] -*- [EMAIL PROTECTED] Sending mail to spambait addresses is a great way to get blocked. Ditto for broken OOO autoresponders and foolish AV software backscatter.
Results of ARIN/CAIDA IPv6 Penetration Survey
ARIN thanks those community members who participated in the recent ARIN/CAIDA IPv6 Penetration Survey. kc claffy presented an analysis of the survey results earlier this week during ARIN XXI in Denver, Co. You will find the link to this presentation on ARIN's IPv6 wiki at: www.getipv6.net. We encourage community members to post IPv6 experiences, knowledge and resources on the ARIN IPv6 wiki. Also, be sure to check back there soon for data from the 8 April ARIN IPv6 Main Event, where participants connected to an IPv6-only network. Regards, Member Services American Registry for Internet Numbers (ARIN)
Re: Problems sending mail to yahoo?
At 10:22 AM 4/11/2008, Joe Abley wrote: It turns out that if Y! doesn't want to receive mail from me, suddenly I can't send mail to anybody in my extended family, or to most people I know in the town where I live. These involve domains like ROGERS.COM and BTINTERNET.COM, and not just the obvious Y! domains. Good point. I think this also includes AT&T/SBC/SNET in some fashion (with which many of my customers have been having different problems this week). To return to the topic at hand, you may already have outsourced the coordination of your boycott to Yahoo!, too! They're already not accepting your mail. There's no need to stop sending it! :-) Yes, but it's the flow of mail (spam) *from* them I'm worried about...
Re: Problems sending mail to yahoo?
At 10:33 AM 4/11/2008, you wrote: I gave up sending abuse reports to Yahoo (and Hotmail) many years ago. I gave up on Hotmail, too, though occasionally I try a sample to see if they've improved. The latest came back with a message saying that I had to resubmit my report to any entirely different address. As if their inability to forward mail internally is now my problem... So in the short term, advising customers that Yahoo's and Hotmail's freemail services are of very poor quality and should never be relied on for anything, and that Gmail is a better choice, is probably viable. In the long term, though, I think it may only delay the inevitable. OTOH, as someone who provides services to small business customers who want their own domains, this may be to my benefit: one of the main selling points of a domain is that it makes you the master of your own fate, not tied to the fate of a particular provider. (At least, if you're smart enough to use a registrar and a service provider who doesn't make it almost-impossible to switch)
RE: /24 blocking by ISPs - Re: Problems sending mail to yahoo?
It's not unusual to do /24 blocks, however Yahoo claims they do not keep any logs as to what causes the /24 block. If they kept logs and were able to tell us which IP address in the /24 sent abuse to their network we would then be able to investigate it. Their stance of 'it's coming from your network you should know' isn't really helpful in solving the problem. When an IP is blocked a lot of ISP's can tell you why. I would think when they block a /24 they would atleast be able to decipher who was sending the abuse to their network to cause the block and not simply say 'Were sorry our anti-spam measures do not conform with your business practices'. Logging into every server using a /24 is looking for needle in a haystack. -Ray From: Suresh Ramasubramanian [EMAIL PROTECTED] Sent: Thursday, April 10, 2008 11:56 PM To: Raymond L. Corbin Cc: Chris Stone; nanog@merit.edu Subject: /24 blocking by ISPs - Re: Problems sending mail to yahoo? On Fri, Apr 11, 2008 at 1:22 AM, Raymond L. Corbin <[EMAIL PROTECTED]> wrote: > > Yeah, but without them saying which IP's are causing the problems you can't > really tell > which servers in a datacenter are forwarding their spam/abusing Yahoo. Once > the /24 > block is in place then they claim to have no way of knowing who actually > caused the block > on the /24. The feedback loop would help depending on your network size. Almost every large ISP does that kind of "complimentary upgrade" There are enough networks around, like he.net, Yipes, PCCW Global / Cais etc, that host huge amounts of "snowshoe" spammers - http://www.spamhaus.org/faq/answers.lasso?section=Glossary#233 (you know, randomly named / named after a pattern domains, with anonymous whois or probably a PO box / UPS store in the whois contact, DNS served by the usual suspects like Moniker..) a /27 or /26 in a /24 might generate enough spam to drown the volume of legitimate email from the rest of the /24, and that would cause this kind of /24 block In some cases, such as 63.217/16 on CAIS / PCCW, there is NOTHING except spam coming from several /24s (and there's a /20 and a /21 out of it in spamhaus), and practically zero traffic from the rest of the /16. Or there's Cogent with a similar infestation spread around 38.106/16 ISPs with virtual hosting farms full of hacked cgi/php scripts, forwarders etc just dont trigger /24 blocks at the rate that ISPs hosting snowshoe spammers do. /24 blocks are simply a kind of motivation for large colo farms to try choosing between hosting spammers and hosting legitimate customers. srs ..
Re: Problems sending mail to yahoo?
On Thu, Apr 10, 2008 at 11:58:05PM -0400, Rob Szarka wrote: > I report dozens of spams from my personal account alone every day and never > receive anything other than automated messages claiming to have dealt with > the same abuse that continues around the clock or, worse, bogus/clueless > claims that the IP in question is not theirs and suggestions that I check > the same ARIN database that I used to confirm the responsible party in the > first place. I gave up sending abuse reports to Yahoo (and Hotmail) many years ago. All available evidence strongly indicates that there is nobody there who understands them, is capable of taking effective action, or cares to take any effective action. That evidence includes not just their complete failure to control outbound abuse, but their ill-advised and ineffective attempts to control inbound abuse (as we see in this thread), their complete failure to participate in abuse forums such as Spam-L, their complete failure to shut down spammer/phisher domains they're hosting, and their complete failure to shut down spammer/phisher dropboxes they're providing. Sadly, Google's Gmail appears to be on the first steps down this same path. I had hoped for a display of markedly higher clue level from them, but -- for whatever reason -- it hasn't manifested itself yet. So in the short term, advising customers that Yahoo's and Hotmail's freemail services are of very poor quality and should never be relied on for anything, and that Gmail is a better choice, is probably viable. In the long term, though, I think it may only delay the inevitable. ---Rsk
Re: Problems sending mail to yahoo?
On 10 Apr 2008, at 23:58 , Rob Szarka wrote: At 02:23 PM 4/10/2008, you wrote: Maybe we all should do the same to them until they quit spewing out all the Nigerian scams and the like that I've been seeing from their servers lately! If there were an coordinated boycott, I would participate. Yahoo is *by far* the worst single abuser of our server among the "legitimate" email providers. Having done my own share of small-scale banging-of-heads-against-yahoo recently, the thing that surprised me was how many people with non- yahoo addresses had their mail handled by yahoo. It turns out that if Y! doesn't want to receive mail from me, suddenly I can't send mail to anybody in my extended family, or to most people I know in the town where I live. These involve domains like ROGERS.COM and BTINTERNET.COM, and not just the obvious Y! domains. In my more paranoid moments I have wondered how big a market share Y! now has in personal e-mail, given the number of large cable/telcos who have outsourced mail handling to them for their residential products. Once you pass a certain threshold, the fact that Y! subscribers are the only people who can reliably deliver mail to other Y! subscribers provides a competitive advantage and a sales hook to make the resi mail empire even larger. At that point it makes no sense for Y! to expend effort to accept *more* mail from subscribers of other services. To return to the topic at hand, you may already have outsourced the coordination of your boycott to Yahoo!, too! They're already not accepting your mail. There's no need to stop sending it! :-) Joe
The Cidr Report
This report has been generated at Fri Apr 11 21:17:44 2008 AEST. The report analyses the BGP Routing Table of AS2.0 router and generates a report on aggregation potential within the table. Check http://www.cidr-report.org for a current version of this report. Recent Table History Date PrefixesCIDR Agg 04-04-08255841 164373 05-04-08255919 164795 06-04-08255999 164647 07-04-08255822 164884 08-04-08256095 165364 09-04-08256180 165992 10-04-08256623 165505 11-04-08257025 161726 AS Summary 27960 Number of ASes in routing system 11771 Number of ASes announcing only one prefix 1626 Largest number of prefixes announced by an AS AS4755 : VSNL-AS Videsh Sanchar Nigam Ltd. Autonomous System 88502016 Largest address span announced by an AS (/32s) AS721 : DISA-ASNBLK - DoD Network Information Center Aggregation Summary The algorithm used in this report proposes aggregation only when there is a precise match using the AS path, so as to preserve traffic transit policies. Aggregation is also proposed across non-advertised address space ('holes'). --- 11Apr08 --- ASnumNetsNow NetsAggr NetGain % Gain Description Table 257289 1617889550137.1% All ASes AS4755 1626 439 118773.0% VSNL-AS Videsh Sanchar Nigam Ltd. Autonomous System AS9498 1162 67 109594.2% BBIL-AP BHARTI BT INTERNET LTD. AS4323 1416 404 101271.5% TWTC - Time Warner Telecom, Inc. AS18566 1042 38 100496.4% COVAD - Covad Communications Co. AS6389 1232 418 81466.1% BELLSOUTH-NET-BLK - BellSouth.net Inc. AS22773 912 142 77084.4% CCINET-2 - Cox Communications Inc. AS11492 1209 463 74661.7% CABLEONE - CABLE ONE AS19262 895 164 73181.7% VZGNI-TRANSIT - Verizon Internet Services Inc. AS8151 1180 513 66756.5% Uninet S.A. de C.V. AS1785 1005 350 65565.2% AS-PAETEC-NET - PaeTec Communications, Inc. AS17488 1009 355 65464.8% HATHWAY-NET-AP Hathway IP Over Cable Internet AS6478 904 349 55561.4% ATT-INTERNET3 - AT&T WorldNet Services AS18101 673 119 55482.3% RIL-IDC Reliance Infocom Ltd Internet Data Centre, AS2386 1397 861 53638.4% INS-AS - AT&T Data Communications Services AS4812 613 115 49881.2% CHINANET-SH-AP China Telecom (Group) AS7011 1086 617 46943.2% FRONTIER-AND-CITIZENS - Frontier Communications of America, Inc. AS6197 988 522 46647.2% BATI-ATL - BellSouth Network Solutions, Inc AS855641 183 45871.5% CANET-ASN-4 - Bell Aliant AS19916 555 99 45682.2% ASTRUM-0001 - OLM LLC AS7018 1464 1038 42629.1% ATT-INTERNET4 - AT&T WorldNet Services AS3356 828 403 42551.3% LEVEL3 Level 3 Communications AS8103 566 142 42474.9% STATE-OF-FLA - Florida Department of Management Services - Technology Program AS17676 508 88 42082.7% GIGAINFRA BB TECHNOLOGY Corp. AS4134 857 452 40547.3% CHINANET-BACKBONE No.31,Jin-rong Street AS5668 683 280 40359.0% AS-5668 - CenturyTel Internet Holdings, Inc. AS6140 617 231 38662.6% IMPSAT-USA - ImpSat USA, Inc. AS9443 455 78 37782.9% INTERNETPRIMUS-AS-AP Primus Telecommunications AS3602 453 78 37582.8% AS3602-RTI - Rogers Telecom Inc. AS7545 485 116 36976.1% TPG-INTERNET-AP TPG Internet
BGP Update Report
BGP Update Report Interval: 10-Mar-08 -to- 10-Apr-08 (32 days) Observation Point: BGP Peering with AS2.0 TOP 20 Unstable Origin AS Rank ASNUpds % Upds/PfxAS-Name 1 - AS949897451 1.6% 76.3 -- BBIL-AP BHARTI BT INTERNET LTD. 2 - AS24731 89033 1.4%1047.4 -- ASN-NESMA National Engineering Services and Marketing Company Ltd. (NESMA) 3 - AS958366630 1.1% 56.6 -- SIFY-AS-IN Sify Limited 4 - AS912155740 0.9% 22.1 -- TTNET TTnet Autonomous System 5 - AS815154045 0.9% 33.1 -- Uninet S.A. de C.V. 6 - AS886649094 0.8% 162.0 -- BTC-AS Bulgarian Telecommunication Company Plc. 7 - AS17974 48184 0.8% 72.2 -- TELKOMNET-AS2-AP PT Telekomunikasi Indonesia 8 - AS26829 43039 0.7% 43039.0 -- YKK-USA - YKK USA,INC 9 - AS24863 42921 0.7% 92.3 -- LINKdotNET-AS 10 - AS18306 42308 0.7%1143.5 -- MASANHANANET-AS-KR HANANET 11 - AS238639020 0.6% 27.0 -- INS-AS - AT&T Data Communications Services 12 - AS614032886 0.5% 50.4 -- IMPSAT-USA - ImpSat USA, Inc. 13 - AS17487 31932 0.5% 31932.0 -- ICBCASIA-AP Industrial and Commercial Bank 14 - AS630631810 0.5% 676.8 -- Telcel, C.A 15 - AS23005 29450 0.5%1732.4 -- SWITCH-COMMUNICATIONS - SWITCH Communications Group LLC 16 - AS11830 29344 0.5% 12.6 -- Instituto Costarricense de Electricidad y Telecom. 17 - AS14895 27709 0.5%9236.3 -- LAWSON-SOFTWARE - Lawson Software 18 - AS22773 25638 0.4% 27.8 -- CCINET-2 - Cox Communications Inc. 19 - AS919825242 0.4% 62.2 -- KAZTELECOM-AS Kazakhtelecom Corporate Sales Administration 20 - AS462124169 0.4% 153.9 -- UNSPECIFIED UNINET-TH TOP 20 Unstable Origin AS (Updates per announced prefix) Rank ASNUpds % Upds/PfxAS-Name 1 - AS26829 43039 0.7% 43039.0 -- YKK-USA - YKK USA,INC 2 - AS17487 31932 0.5% 31932.0 -- ICBCASIA-AP Industrial and Commercial Bank 3 - AS19334 23955 0.4% 23955.0 -- SPORTLINE-DBC - SPORTLINE 4 - AS19017 13047 0.2% 13047.0 -- QUALCOMM-QWBS-LV - Qualcomm Wireless Business Solutions 5 - AS13495 10892 0.2% 10892.0 -- NTT do Brasil Telecomunicaoes Ltda 6 - AS14895 27709 0.5%9236.3 -- LAWSON-SOFTWARE - Lawson Software 7 - AS309298809 0.1%8809.0 -- HUTCB Hidrotechnical Faculty - Technical University 8 - AS212918535 0.1%8535.0 -- OMEGABANK 8 Dragatsaniou str 9 - AS42787 20964 0.3%6988.0 -- MMIP-AS MultiMedia IP Ltd. 10 - AS151365605 0.1%5605.0 -- AS-NSPOF - NSPOF Communications Inc 11 - AS446565558 0.1%5558.0 -- HOLOSFIND-ROMANIA HOLOSFIND SRL 12 - AS292255400 0.1%5400.0 -- TAIF-TELCOM-AS JSC TAIF-TELCOM 13 - AS250243277 0.1%3277.0 -- DECEUNINCK-PLASTICS Deceuninck Plastics Autonomous System 14 - AS7257 9439 0.1%3146.3 -- PREMIERE-GLOBAL-SERVICES-INC - Premiere Global Services, Inc. 15 - AS391052785 0.1%2785.0 -- CLASS-AS SC Class Computers And Service SRL 16 - AS369752745 0.0%2745.0 -- CBA-AS 17 - AS419072463 0.0%2463.0 -- POLFA PZPF Polfa 18 - AS299102371 0.0%2371.0 -- IACP - INTL. ASSN OF CHIEF OF POLICEI 19 - AS158216058 0.1%2019.3 -- ASTRAL-AS JV "Astral-Kiev Ltd." Autonomous System 20 - AS128665448 0.1%1816.0 -- SUN_EU_AS Sun Microsystems European AS TOP 20 Unstable Prefixes Rank Prefix Upds % Origin AS -- AS Name 1 - 125.23.208.0/20 62770 1.0% AS9498 -- BBIL-AP BHARTI BT INTERNET LTD. 2 - 12.108.254.0/24 43039 0.7% AS26829 -- YKK-USA - YKK USA,INC 3 - 213.91.175.0/24 40978 0.6% AS8866 -- BTC-AS Bulgarian Telecommunication Company Plc. 4 - 220.241.83.0/24 31932 0.5% AS17487 -- ICBCASIA-AP Industrial and Commercial Bank 5 - 64.79.128.0/1929230 0.5% AS23005 -- SWITCH-COMMUNICATIONS - SWITCH Communications Group LLC 6 - 124.7.192.0/2426057 0.4% AS9583 -- SIFY-AS-IN Sify Limited 7 - 63.169.11.0/2423955 0.4% AS19334 -- SPORTLINE-DBC - SPORTLINE 8 - 84.23.96.0/19 23596 0.4% AS24731 -- ASN-NESMA National Engineering Services and Marketing Company Ltd. (NESMA) AS34400 -- ASN-ETTIHADETISALAT Etihad Etisalat 9 - 125.57.60.0/2421655 0.3% AS18306 -- MASANHANANET-AS-KR HANANET 10 - 193.33.184.0/23 20956 0.3% AS42787 -- MMIP-AS MultiMedia IP Ltd. 11 - 211.175.148.0/24 19452 0.3% AS18306 -- MASANHANANET-AS-KR HANANET 12 - 221.128.192.0/18 17562 0.3% AS18231 -- EXATT-AS-AP Exatt Technologies Private Ltd. 13 - 203.63.26.0/2415615 0.2% AS9747 -- EZINTERNET-AS-AP EZInternet Pty Ltd 14 - 221