This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/anti-abuse-wg@ripe.net/
[anti-abuse-wg] WHOIS (AS204224)
- Previous message (by thread): [anti-abuse-wg] WHOIS (AS204224)
- Next message (by thread): [anti-abuse-wg] WHOIS (AS204224)
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Ronald F. Guilmette
rfg at tristatelogic.com
Mon Nov 2 07:38:30 CET 2015
In message <20151102034438.GB47126 at cilantro.c4inet.net>, "Sascha Luck [ml]" <aawg at c4inet.net> wrote: >While I can't speak for the accuracy of the AS204224 record.. Who can? Who does? Anybody? >I can say that the procedures used by the RIPE NCC to verify the >identity of its members are sufficient... And your appraisal is based on what, exactly? Sufficient for whom? Sufficient for what? >The RIPEDB allows the registration of out-of-region objects... Let's not confuse the issue. I neither mentioned nor asked about out-of-region objects. The claim clearly being asserted by the RIPE WHOIS record for AS204224 is that this is an *IN-REGION* (Russian) company, one which, as I noted, is apparently a 16 year old parts & equipment supplier for the oil & gas industry, that suddenly, and for no apparently clear reason, this past summer, after 16 years in business, decided that it needed its own RIPE-sponsored AS, got one, and then proceeded to announce a bunch of self-evidently bogus routes to relatively large swaths of APNIC address space. The issue isn't the announcement of out-of-region IP space. The issue is the self-evidently fradulent nature of the registration of, and the WHOIS record for, AS204224. That AS, as I pointed out, was registered within 7 minutes of yet another highly dubious AS (i.e. AS204223), which also, perhaps not conincidently, has itself recently also been caught red-handed, also announcing several similarly sized bogons from the exact same geographical region as the bogons that AS204224 has been announcing. Oh! And let's not forget what started this, i.e. the fact that AS204223 is itself upstream from yet a third dubious AS, and one which Furio Ercolessi reported here as ALSO announcing a number of bogons, AND ACTIVELY SPAMMING FROM THOSE. You apparently think that all of this is mere coincidence. >>From where I am sitting however it appears me that the both the >>data contained in the RIPE WHOIS record for AS204224 and also >>whatever process RIPE NCC followed to validate that data are... >>not to put too fine a point on it... nothing short of bovine >>excrement. > >Evidence please, until then I will regard this as baseless >slander. So, you are of the opinion that the WHOIS data for AS204224 is all perfectly fine and dandy, yes? You don't find anything at all in the least bit suspicious about a 16 year old Russian oil & gas parts supplier suddenly coming out of the woodwork, suddenly needing their own AS number, and, as their very first act upon acquiring their shiny new AS number, announcing a bunch of bogons to IP space they have no rights to, exactly like ANOTHER different AS number is doing, a different AS that just happens to have been created only 7 minutes earlier? I want to be clear here. Is that really what you are saying? I'd like to get your answer on the record... for posterity. >>Forget ICANN. Is _RIPE_ also a slacker when it comes to >>maintaining its own WHOIS data base? Are officially sanctioned >>RIPE policies and procedures making to harder than it ought to >>be to stop, or even to just merely identify criminals, con men, >>and spammers on the Internet? If so, when was that decision >>ratified, and by whom? > >The Policy Development Process is detailed in documentation on >the abovementioned website. I understand that this is a RIPE mailing list, and that as such, it isn't always safe to assume that the English language will be universally understood by all subscribers or participants. Given that my question may not have been adequately clear, e.g. to anyone whose native language is not English, I will now attempt to re-phrase it, adding emphasis, where it was apparently lacking in my original formulation of the question. My question was: When was the DECISION made not to bother to verify the phone numbers and mailing addresses that go into the RIPE WHOIS data base? And also: Who made that specific DECISION? (I understand that I may have failed to be adequately clear earlier, but I wanted to be clear now that my question was not about the "Policy Development Process". I thank you however for you kind attempts to educate me about this largely unrelated topic. I'm interested in the moment in THE DECISION, not in official pronouncements regarding the idealized notion of the political process that may or may not have been followed leading up to THE DECISION.) Or were you trying, in a back-handed sort of way, to tell me that the verification of phone and address parts of RIPE WHOIS records isn't being done because it wasn't even ever considered as being either necessary or useful enough to even insert the idea into the front end of the meat grinder known as "The Policy Development Process" ? If THAT was really what you were trying to say, then you'll have to excuse me while I pick my jaw up off the floor. Regards, rfg
- Previous message (by thread): [anti-abuse-wg] WHOIS (AS204224)
- Next message (by thread): [anti-abuse-wg] WHOIS (AS204224)
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]