This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/anti-abuse-wg@ripe.net/
[anti-abuse-wg] [exec-board] The Ongoing Summer of Hijacks: MNT-SERVERSGET / dnsget.top
- Previous message (by thread): [anti-abuse-wg] [db-wg] [exec-board] The Ongoing Summer of Hijacks: MNT-SERVERSGET / dnsget.top
- Next message (by thread): [anti-abuse-wg] The Ongoing Summer of Hijacks: MNT-SERVERSGET / dnsget.top
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Ronald F. Guilmette
rfg at tristatelogic.com
Mon Aug 20 03:02:54 CEST 2018
Mr. Titley, Thanks for responding. My comments are included inline below. In message <cf0758bb-88e7-faa6-8b29-11af41c75f8f at titley.com>, Nigel Titley <nigel at titley.com> wrote: >The RIPE community has repeatedly reminded the RIPE NCC that it has no >role to play in policing routing and no mandate to make judgments on >whether the route objects people create correspond to legitimate BGP >announcements. But that's not really or entirely an accurate statement is it? It is my understanding that RIPE disallows the creation of route objects in the data base that make reference to RIPE issued IP space in the absence of proper permission/endorsement from the actual registrant of the relevant IP space. Is that not so? If it is so, then isn't this quite obviously one way that RIPE is actually and materially -regulating- the creation of route objects in the data base? If this isn't a regulation (or limitation) that RIPE is applying to the creation of route objects then what is it? Likewise and simuilarly it is also my understanding that as of September 4th, less than three weeks from now, RIPE will -additionally- begin enforcing a new regulation preventing the creation, in the data base, of -any- new route objects for out-of-region IP space. Is that not so? So, it seems that RIPE -is- already regulating the creation of such objects in the data base, and it seems that it already been doing so for some time. It is just highly unfortunate that it has been doing it very very badly indeed, as clearly evidenced by the several reports that I've made public this summer alone. >Given this lack of a mandate, it's hard to imagine that the community >would support the RIPE NCC unilaterally sanctioning members for >incorrect/malicious route announcements. I did not ask about route announcements. I asked what the RIPE policy is with respect to members who are caught repeatedly, deliberately, and maliciously creating clearly fradulent route objects in the data base. This is a very different matter, as I am sure you must appreciate. With all due respect, you appear to be deftly trying to dodge my actual question, which has nothing to do with route announcements and everything to do with route objects in the data base. I have every reason to believe that you -do- fully appreciate and understand the distinction between these two things, so I ask my question again. What is the RIPE policy with respect to members that are caught red handed, repeatedly, deliberately, and maliciously entering fradulent route objects into the RIPE data base? If you prefer, I would be just as happy if you instead answered my more colloquial formulation of this question: Who exactly does one need to kill, maim, or seriously wound in order to get kicked out of this organization (RIPE)? It seems that there are very nearly no limits on the scope or breadth of the travesties that your members are permitted to engage in, even when it comes to polluting your own data base with easily recognized rubbish. But there -are- apparently at least -some- acts that are so over-the-top egregious that even RIPE can no longer turn a blind eye. This was verified previously by a member of your legal staff who previously reported that there have been at least four separate non-person entities that have actually been kicked out of RIPE, just in the last few years, for reasons other than the non-payment of fees due. So what did these four specific and extra special crooks do, exactly, that was so horrifically bad that even RIPE couldn't turn a blind eye anymore? What could have been so magnificently malevolent that it causes even RIPE, which apparently tolerates very nearly every kind of mischief that can be perpetrated on the Internet, to kick these four entities out? I am reminded of a famous line from the movie Casablanca: "I've often speculated on why you don't return to America. Did you abscond with the church funds? Did you run off with a Senator's wife? I like to think that you killed a man. It's the romantic in me." I ask yet again, what does it take to get kicked out of this organization? >Despite your request, the RIPE NCC doesn't comment on its members or the >investigations it undertakes. I am not asking you to. I am asking you to identify for me *any* form or kind of malfeasance, any kind of travesty, any kind of crime, even one perpetrated against your own data base, that would result in RIPE actually opening its legendary blind eye and taking action for once. Does RIPE even happily tolerate the utter pollution and prostitution of its own data base? As of now, the answer seems to be yes. >If you find inaccurate information in the RIPE Database, please use the >report form to let the RIPE NCC know. I fully trust that the RIPE NCC >staff will follow up on all cases that are properly reported and take >appropriate action. Well, that makes one of us, at least. I myself have no such faith. Mind you, it is *not* that they aren't perfectly capable of doing their jobs, however those jobs are defined for them. The problem is that -your- definition of "appropriate action" in the cases that I have publically reported on this summer seems to come down to just winking and nodding and otherwise doing nothing whatsoever. >On the other hand if you think that the RIPE NCC should get involved in >policing route object creation, that's a different discussion. See above. RIPE NCC already -is- quite clearly involved in regulating the creation of route objects in the data base, and has been for quite some time already. It is just being done very very badly in cases relating to out-of-region objects. That's not the fault of the engineers. It's clearly the fault of the politicians, including yourself. If you had even a small amount of either foresight or leadership, then you would have put a stop to all of this nonsense years ago. Instead this problem was allowed to grow and fester without limits, and even as we speak is still permitted within the RIPE region. (September 3rd, will be a busy day indeed for the various crooks in the RIPE region.) Lastly, I see that even as you deftly attempted to avoid answering my real question, by trying to change the subject from route objects to route announcements, you didn't even make any pretense at answering my other question, which was abouit what it might take for someone to get kicked out of the club of RIPE "Recognized IP Brokers". Perhaps, instead of asking you what, if anything, it might take for RIPE to kick someone -out- of this totally separate exclusive club, I should instead be asking you what sorts of scoundrels, murders, and rapists RIPE, in its infinite wisdom, is allowing -in- to its club of "Recognized IP brokers" in the first place. Is there -any- party who RIPE would -not- allow to join this club, as long as they can produce the required cash payment to RIPE? Would Bernie Madoff be allowed to be a RIPE-recognized IP broker? How about Charles Ponzi? Are there -any- qualifications needed to become a RIPE-recognized IP broker, other than have a pulse and a bag full of cash (to give to RIPE)? I look forward to your clarifications. Regards, rfg
- Previous message (by thread): [anti-abuse-wg] [db-wg] [exec-board] The Ongoing Summer of Hijacks: MNT-SERVERSGET / dnsget.top
- Next message (by thread): [anti-abuse-wg] The Ongoing Summer of Hijacks: MNT-SERVERSGET / dnsget.top
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]