This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/anti-abuse-wg@ripe.net/
[anti-abuse-wg] Romanian Spam Network with curious effetcs
- Previous message (by thread): [anti-abuse-wg] Romanian Spam Network with curious effetcs
- Next message (by thread): [anti-abuse-wg] Romanian Spam Network with curious effetcs
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Lutz Petersen
lp at shlink.de
Tue Mar 19 06:21:34 CET 2013
Ronald, it's a mysterious for me, sorry. Maybe I did not made it clearly enough what irritates me.. Viewing BGP tables one don't see a single accouncement for this netblock. Traces all ends obvious at default null route in core routers. Seems to be one of the cases where nets are only announced when spinning out short time spam waves - one can see this comparing older logs. But: Reverse delegation from RIPE for this nets has been done to two nameservers - 176.121.32.2 + 176.121.32.3. But even if there does not exit an BGP entry, these nameservers can be asked and give an answer: # sh ip bgp 176.121.32.2 % Network not in table # host -t ptr 2.34.121.176.in-addr.arpa. ns2.alvinemove.info. # Using domain server: # Name: ns2.alvinemove.info. # Address: 176.121.32.3#53 # 2.34.121.176.in-addr.arpa domain name pointer rented-2.beggarlyout.info. What may be the trick with that ?
- Previous message (by thread): [anti-abuse-wg] Romanian Spam Network with curious effetcs
- Next message (by thread): [anti-abuse-wg] Romanian Spam Network with curious effetcs
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]