This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/anti-abuse-wg@ripe.net/
[anti-abuse-wg] WHOIS (AS204224)
- Previous message (by thread): [anti-abuse-wg] WHOIS (AS204224)
- Next message (by thread): [anti-abuse-wg] WHOIS (AS204224)
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Ronald F. Guilmette
rfg at tristatelogic.com
Thu Nov 5 21:33:00 CET 2015
In message <637758753.2826426.1446595528880.JavaMail.yahoo at mail.yahoo.com>, ripedenis at yahoo.co.uk wrote: >Ronald >"I neither mentioned nor asked about out-of-region objects." >"then proceeded to announce a bunch of self-evidently bogus routes to relat= >ively large swaths of APNIC address space." > >Last time I checked APNIC address space is 'out of region' for RIPE. Yes, but you're misplacing the emphasis. With regards to this specific incident (and this specific set of what looks to be 3 inter-related rogue ASNs) I myself don't really care which 1/5th of the world they are stealing IP space from. I just want to know who they really are. The region they are stealing from (at the moment) is almost irrelevant. By tomorrow, they'll be stealing from AFRINIC, and then from LACNIC the day afrer that. >A lot of what {bad guys} >do also seems to involve out of region resources. Yes, but not all. I say again, I don't care which 1/5th of the wold they are messing with. Regardless, I want to be able to identify them. >That {past} >discussion seemed to centre on wonderful, technically brilliant, perfe= >ctionist systems of cross registry authentication to solve the entire problem. I'm not even talking about (or even interested in) route objects in the data base at the moment. That's a whole different problem and a whole different kettle of fish. At the moment, I personally am focused on ORG- records. >But if you want anything like this to happen, regar= >dless of who does it (RIPE NCC or members), then you have to move beyond th= >e initial arguments against it, propose a policy and take it through the st= >ages of discussion. If there is a consensus on doing it/something/whatever = >then that will happen. Yes. Understood. Thank you. >If= > someone gets around the legal requirements in their country and is able to= > set up a bogus company with legitimate papers, they will get internet reso= >urces. As you have noted, there are many countries in the RIPE region where= > corruption runs at very high levels. If you have the right contacts you wi= >ll get your bogus company. To be clear, perhaps *someone* here noted that "there are many countries in the RIPE region where corruption runs at very high levels", but whoever that may have been, it wasn't me. I believe that to be a factually accurate statement, but I personally did not make any such comment here, I think. But regardless of whether I did or didn't, you are again missing the point and (thus) vearing off onto unrelated tangents. As I have repeatedly said, it is my clear impression that the case of AS204224 *does not* involve anybody bribing anybody to create a new and/or largely fictitious company, but rather, this seem to be a good old-fashioned case of identity theft. I may be wrong about that, but that also would be irrelevant. I am certainly not so deluded as to believe that anything with either RIPE or RIPE NCC might do erase all traces of corruption from the face of the earth, and I am *not* urging that either RIPE or RIPE NCC set out on any quixotic quest to do so. Rather, I've suggested the much more modest goal of at least trying to insure that contact details present in the data base are actually associated with the parties they allegedly represent. Such a step would, I think, foil many, if not all attempts at identity theft, as in the case of AS204224, even through they quite certainly would have no effect at all on world-wide corruption. >You have to accept that Europe, Middle East and Central Asia is a very diff= >erent landscape than the USA. Whilst I applaud efforts to validate data, th= >e misuse of valid data will still happen. We are in agreement. >... There should be no object in the >database that is not directly or indirectly linked to an ORGANISATION object. Again, we are in agreement. I'll even go further and say I am frankly rather surprised that the simple rule you just elaborated is not already in place. Regards, rfg
- Previous message (by thread): [anti-abuse-wg] WHOIS (AS204224)
- Next message (by thread): [anti-abuse-wg] WHOIS (AS204224)
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]