This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/[email protected]/

[anti-abuse-wg] 2019-04 New Policy Proposal (Validation of "abuse-mailbox")

Previous message (by thread): [anti-abuse-wg] 2019-04 New Policy Proposal (Validation of "abuse-mailbox")
Next message (by thread): [anti-abuse-wg] 2019-04 New Policy Proposal (Validation of "abuse-mailbox")

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

furio ercolessi furio+as at spin.it
Fri May 17 15:46:01 CEST 2019

On Fri, May 17, 2019 at 10:24:51AM +0000, Suresh Ramasubramanian wrote:
> [...]
> It seems entirely possible for anybody at all to register a company and follow the paperwork
> required to become a LIR and then allocate /14s at a time back in the day and maybe smaller
> netblocks now to malicious actors.

LIRs in the RIPE area are now limited to a single /22 ( https://www.ripe.net/publications/docs/ripe-708#51 ),
and as a consequence of this we are now seeing people creating multiple LIRs one
after the other, each getting a single /22, and amassing a large of amount of v4 space
with this simple trick.

ARIN seems now to be going more aggressively than in the past after these guys
( https://krebsonsecurity.com/2019/05/a-tough-week-for-ip-address-scammers/ ).

furio ercolessi

Previous message (by thread): [anti-abuse-wg] 2019-04 New Policy Proposal (Validation of "abuse-mailbox")
Next message (by thread): [anti-abuse-wg] 2019-04 New Policy Proposal (Validation of "abuse-mailbox")

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

[ anti-abuse-wg Archives ]