<html>
<head>
<meta http-equiv="Content-Type" content="text/html;
charset=windows-1252">
</head>
<body>
"All the bgp routers will be upgraded if I will be elected, you can
be sure of it, including EOL routers, there is and there will be
solution for anything."<br>
<br>
ROFLMAO! Can we have immortality with infinite money as well on the
go? :) Or is this the type of promise where RIPE membership annual
fee balloons by approximately 9 zeroes for every member, preferrably
paid directly to Netstyle? .... I suspect the latter ;)<br>
<br>
<div class="moz-cite-prefix">On 5/1/20 12:04 AM, Elad Cohen wrote:<br>
</div>
<blockquote type="cite"
cite="mid:DB7PR10MB21546BE76D749A97FD93A664D6AA0@DB7PR10MB2154.EURPRD10.PROD.OUTLOOK.COM">
<meta http-equiv="Content-Type" content="text/html;
charset=windows-1252">
<style type="text/css" style="display:none;"> P {margin-top:0;margin-bottom:0;} </style>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif;
font-size: 12pt; color: rgb(0, 0, 0);">
Stuart,</div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif;
font-size: 12pt; color: rgb(0, 0, 0);">
<br>
</div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif;
font-size: 12pt; color: rgb(0, 0, 0);">
All the bgp routers will be upgraded if I will be elected, you
can be sure of it, including EOL routers, there is and there
will be solution for anything.<br>
</div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif;
font-size: 12pt; color: rgb(0, 0, 0);">
<br>
</div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif;
font-size: 12pt; color: rgb(0, 0, 0);">
After it all internet users will enjoy from the end of:</div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif;
font-size: 12pt; color: rgb(0, 0, 0);">
<span>Spoofed IP traffic, Spoofed amplification DDoS attacks,
BGP&RIR hijacking</span></div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif;
font-size: 12pt; color: rgb(0, 0, 0);">
<span><br>
</span></div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif;
font-size: 12pt; color: rgb(0, 0, 0);">
<span>And the dramatically reducing of:<br>
</span></div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif;
font-size: 12pt; color: rgb(0, 0, 0);">
<span>IoT botnet infections and Botnet C&Cs</span><br>
</div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif;
font-size: 12pt; color: rgb(0, 0, 0);">
<br>
</div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif;
font-size: 12pt; color: rgb(0, 0, 0);">
Respectfully,</div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif;
font-size: 12pt; color: rgb(0, 0, 0);">
Elad<br>
</div>
<hr style="display:inline-block;width:98%" tabindex="-1">
<div id="divRplyFwdMsg" dir="ltr"><font style="font-size:11pt"
face="Calibri, sans-serif" color="#000000"><b>From:</b> Stuart
Willet (primary) <a class="moz-txt-link-rfc2396E" href="mailto:stu@safehosts.co.uk"><stu@safehosts.co.uk></a><br>
<b>Sent:</b> Friday, May 1, 2020 12:01 AM<br>
<b>To:</b> Elad Cohen <a class="moz-txt-link-rfc2396E" href="mailto:elad@netstyle.io"><elad@netstyle.io></a>;
<a class="moz-txt-link-abbreviated" href="mailto:members-discuss@ripe.net">members-discuss@ripe.net</a> <a class="moz-txt-link-rfc2396E" href="mailto:members-discuss@ripe.net"><members-discuss@ripe.net></a><br>
<b>Subject:</b> RE: Technical solution to resolve Spoofed IP
traffic, Spoofed amplification DDoS attacks, BGP&RIR
hijacking, IoT botnet infections and Botnet C&Cs</font>
<div> </div>
</div>
<style>
<!--
@font-face
{font-family:"Cambria Math"}
@font-face
{font-family:Calibri}
p.x_MsoNormal, li.x_MsoNormal, div.x_MsoNormal
{margin:0cm;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman",serif}
a:link, span.x_MsoHyperlink
{color:#0563C1;
text-decoration:underline}
a:visited, span.x_MsoHyperlinkFollowed
{color:#954F72;
text-decoration:underline}
p
{margin:0cm;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman",serif}
p.x_msonormal0, li.x_msonormal0, div.x_msonormal0
{margin:0cm;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman",serif}
p.x_xmsonormal, li.x_xmsonormal, div.x_xmsonormal
{margin:0cm;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman",serif}
p.x_xmsolistparagraph, li.x_xmsolistparagraph, div.x_xmsolistparagraph
{margin-top:0cm;
margin-right:0cm;
margin-bottom:0cm;
margin-left:36.0pt;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman",serif}
p.x_xmsonormal0, li.x_xmsonormal0, div.x_xmsonormal0
{margin:0cm;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman",serif}
p.x_xxmsonormal, li.x_xxmsonormal, div.x_xxmsonormal
{margin:0cm;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman",serif}
p.x_xxmsonormal0, li.x_xxmsonormal0, div.x_xxmsonormal0
{margin:0cm;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman",serif}
p.x_xxxmsonormal, li.x_xxxmsonormal, div.x_xxxmsonormal
{margin:0cm;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman",serif}
p.x_xxxmsonormal0, li.x_xxxmsonormal0, div.x_xxxmsonormal0
{margin:0cm;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman",serif}
p.x_xxxmsochpdefault, li.x_xxxmsochpdefault, div.x_xxxmsochpdefault
{margin:0cm;
margin-bottom:.0001pt;
font-size:10.0pt;
font-family:"Times New Roman",serif}
p.x_xxmsochpdefault, li.x_xxmsochpdefault, div.x_xxmsochpdefault
{margin:0cm;
margin-bottom:.0001pt;
font-size:10.0pt;
font-family:"Times New Roman",serif}
p.x_xmsochpdefault, li.x_xmsochpdefault, div.x_xmsochpdefault
{margin:0cm;
margin-bottom:.0001pt;
font-size:10.0pt;
font-family:"Times New Roman",serif}
span.x_xmsohyperlink
{color:#0563C1;
text-decoration:underline}
span.x_xmsohyperlinkfollowed
{color:#954F72;
text-decoration:underline}
span.x_xxmsohyperlink
{color:#0563C1;
text-decoration:underline}
span.x_xxmsohyperlinkfollowed
{color:#954F72;
text-decoration:underline}
span.x_xxxmsohyperlink
{color:#0563C1;
text-decoration:underline}
span.x_xxxmsohyperlinkfollowed
{color:#954F72;
text-decoration:underline}
span.x_xxxemailstyle19
{font-family:"Calibri",sans-serif;
color:#1F497D}
span.x_xxemailstyle25
{font-family:"Calibri",sans-serif;
color:#1F497D}
span.x_xemailstyle31
{font-family:"Calibri",sans-serif;
color:#1F497D}
span.x_EmailStyle38
{font-family:"Calibri",sans-serif;
color:#1F497D}
.x_MsoChpDefault
{font-size:10.0pt}
@page WordSection1
{margin:72.0pt 72.0pt 72.0pt 72.0pt}
div.x_WordSection1
{}
-->
</style>
<div link="#0563C1" vlink="#954F72" lang="EN-GB">
<div class="x_WordSection1">
<p class="x_MsoNormal"><span style="font-size:11.0pt;
font-family:"Calibri",sans-serif; color:#1F497D">Elad,</span></p>
<p class="x_MsoNormal"><span style="font-size:11.0pt;
font-family:"Calibri",sans-serif; color:#1F497D"> </span></p>
<p class="x_MsoNormal"><span style="font-size:11.0pt;
font-family:"Calibri",sans-serif; color:#1F497D">As
repeatedly explained to you, it simply is not possible to
go around updating EVERY piece of hardware and software
used for BGP sessions.</span></p>
<p class="x_MsoNormal"><span style="font-size:11.0pt;
font-family:"Calibri",sans-serif; color:#1F497D">I
don’t know why you can’t comprehend this, so I am simply
going to stop responding to you.</span></p>
<p class="x_MsoNormal"><span style="font-size:11.0pt;
font-family:"Calibri",sans-serif; color:#1F497D"> </span></p>
<p class="x_MsoNormal"><span style="font-size:11.0pt;
font-family:"Calibri",sans-serif; color:#1F497D">Respectfully,</span></p>
<p class="x_MsoNormal"><span style="font-size:11.0pt;
font-family:"Calibri",sans-serif; color:#1F497D"> </span></p>
<p class="x_MsoNormal"><span style="font-size:11.0pt;
font-family:"Calibri",sans-serif; color:#1F497D">Stuart
Willet.</span></p>
<p class="x_MsoNormal"><span style="font-size:11.0pt;
font-family:"Calibri",sans-serif; color:#1F497D"> </span></p>
<div>
<div style="border:none; border-top:solid #E1E1E1 1.0pt;
padding:3.0pt 0cm 0cm 0cm">
<p class="x_MsoNormal"><b><span style="font-size:11.0pt;
font-family:"Calibri",sans-serif"
lang="EN-US">From:</span></b><span
style="font-size:11.0pt;
font-family:"Calibri",sans-serif"
lang="EN-US"> Elad Cohen [<a class="moz-txt-link-freetext" href="mailto:elad@netstyle.io">mailto:elad@netstyle.io</a>]
<br>
<b>Sent:</b> 30 April 2020 21:59<br>
<b>To:</b> Stuart Willet (primary)
<a class="moz-txt-link-rfc2396E" href="mailto:stu@safehosts.co.uk"><stu@safehosts.co.uk></a>; <a class="moz-txt-link-abbreviated" href="mailto:members-discuss@ripe.net">members-discuss@ripe.net</a><br>
<b>Subject:</b> Re: Technical solution to resolve
Spoofed IP traffic, Spoofed amplification DDoS
attacks, BGP&RIR hijacking, IoT botnet infections
and Botnet C&Cs</span></p>
</div>
</div>
<p class="x_MsoNormal"> </p>
<div>
<p class="x_MsoNormal"><span
style="font-family:"Calibri",sans-serif;
color:black">Stuart,</span></p>
</div>
<div>
<p class="x_MsoNormal"><span
style="font-family:"Calibri",sans-serif;
color:black"> </span></p>
</div>
<div>
<p class="x_MsoNormal"><span
style="font-family:"Calibri",sans-serif;
color:black">The costs will be much much lower than the
impacts of the following:</span></p>
</div>
<div>
<p class="x_MsoNormal"><span
style="font-family:"Calibri",sans-serif;
color:black"> </span></p>
</div>
<div>
<p class="x_MsoNormal"><span
style="font-family:"Calibri",sans-serif;
color:black">Spoofed IP traffic, Spoofed amplification
DDoS attacks, BGP&RIR hijacking, IoT botnet
infections and Botnet C&Cs</span></p>
</div>
<div>
<p class="x_MsoNormal"><span
style="font-family:"Calibri",sans-serif;
color:black"> </span></p>
</div>
<div>
<p class="x_MsoNormal"><span
style="font-family:"Calibri",sans-serif;
color:black">If you prefer to stay with all the above ok
lets stay with it all.</span></p>
</div>
<div>
<p class="x_MsoNormal"><span
style="font-family:"Calibri",sans-serif;
color:black"> </span></p>
</div>
<div>
<p class="x_MsoNormal"><span
style="font-family:"Calibri",sans-serif;
color:black">If I will be elected you can be sure that I
will do everything in my power to implement my solution
that will resolve for all of it for all internet users.</span></p>
</div>
<div>
<p class="x_MsoNormal"><span
style="font-family:"Calibri",sans-serif;
color:black"> </span></p>
</div>
<div>
<p class="x_MsoNormal"><span
style="font-family:"Calibri",sans-serif;
color:black">Respectfully,</span></p>
</div>
<div>
<p class="x_MsoNormal"><span
style="font-family:"Calibri",sans-serif;
color:black">Elad</span></p>
</div>
<div class="x_MsoNormal" style="text-align:center"
align="center">
<hr width="98%" size="2" align="center">
</div>
<div id="x_divRplyFwdMsg">
<p class="x_MsoNormal"><b><span style="font-size:11.0pt;
font-family:"Calibri",sans-serif;
color:black">From:</span></b><span
style="font-size:11.0pt;
font-family:"Calibri",sans-serif; color:black">
Stuart Willet (primary) <<a
href="mailto:stu@safehosts.co.uk"
moz-do-not-send="true">stu@safehosts.co.uk</a>><br>
<b>Sent:</b> Thursday, April 30, 2020 11:54 PM<br>
<b>To:</b> Elad Cohen <<a
href="mailto:elad@netstyle.io" moz-do-not-send="true">elad@netstyle.io</a>>;
<a href="mailto:members-discuss@ripe.net"
moz-do-not-send="true">
members-discuss@ripe.net</a> <<a
href="mailto:members-discuss@ripe.net"
moz-do-not-send="true">members-discuss@ripe.net</a>><br>
<b>Subject:</b> RE: Technical solution to resolve
Spoofed IP traffic, Spoofed amplification DDoS attacks,
BGP&RIR hijacking, IoT botnet infections and Botnet
C&Cs</span>
</p>
<div>
<p class="x_MsoNormal"> </p>
</div>
</div>
<div>
<div>
<p class="x_xmsonormal"><span style="font-size:11.0pt;
font-family:"Calibri",sans-serif;
color:#1F497D">Elad,</span></p>
<p class="x_xmsonormal"><span style="font-size:11.0pt;
font-family:"Calibri",sans-serif;
color:#1F497D"> </span></p>
<p class="x_xmsonormal"><span style="font-size:11.0pt;
font-family:"Calibri",sans-serif;
color:#1F497D">Please show me the costing for your
solution.</span></p>
<p class="x_xmsonormal"><span style="font-size:11.0pt;
font-family:"Calibri",sans-serif;
color:#1F497D">In short, how much will it cost to
update every piece of hardware and software used in
BGP sessions.</span></p>
<p class="x_xmsonormal"><span style="font-size:11.0pt;
font-family:"Calibri",sans-serif;
color:#1F497D">How will you update all the END OF LIFE
hardware and software?</span></p>
<p class="x_xmsonormal"><span style="font-size:11.0pt;
font-family:"Calibri",sans-serif;
color:#1F497D"> </span></p>
<p class="x_xmsonormal"><span style="font-size:11.0pt;
font-family:"Calibri",sans-serif;
color:#1F497D"> </span></p>
<p class="x_xmsonormal"><span style="font-size:11.0pt;
font-family:"Calibri",sans-serif;
color:#1F497D">Stuart Willet.</span></p>
<p class="x_xmsonormal"><span style="font-size:11.0pt;
font-family:"Calibri",sans-serif;
color:#1F497D"> </span></p>
<div>
<div style="border:none; border-top:solid #E1E1E1 1.0pt;
padding:3.0pt 0cm 0cm 0cm">
<p class="x_xmsonormal"><b><span
style="font-size:11.0pt;
font-family:"Calibri",sans-serif"
lang="EN-US">From:</span></b><span
style="font-size:11.0pt;
font-family:"Calibri",sans-serif"
lang="EN-US"> Elad Cohen [<a
href="mailto:elad@netstyle.io"
moz-do-not-send="true">mailto:elad@netstyle.io</a>]
<br>
<b>Sent:</b> 30 April 2020 21:50<br>
<b>To:</b> Stuart Willet (primary) <<a
href="mailto:stu@safehosts.co.uk"
moz-do-not-send="true">stu@safehosts.co.uk</a>>;
<a href="mailto:members-discuss@ripe.net"
moz-do-not-send="true">members-discuss@ripe.net</a><br>
<b>Subject:</b> Re: Technical solution to resolve
Spoofed IP traffic, Spoofed amplification DDoS
attacks, BGP&RIR hijacking, IoT botnet
infections and Botnet C&Cs</span></p>
</div>
</div>
<p class="x_xmsonormal"> </p>
<div>
<p class="x_xmsonormal"><span
style="font-family:"Calibri",sans-serif;
color:black">Stuart,</span></p>
</div>
<div>
<p class="x_xmsonormal"><span
style="font-family:"Calibri",sans-serif;
color:black"> </span></p>
</div>
<div>
<p class="x_xmsonormal"><span
style="font-family:"Calibri",sans-serif;
color:black">Not anyone can afford DDoS mitigation
service and many in the Internet don't have such
service including in the Ripe region, and even for
the ones that are paying for expensive DDoS
mitigation service - DDoS attacks are using
internet traffic, are using electrical power,
interfering to access services, generating crime. If
I will have the honor of being elected then I will
implement it all for the best of everyone including
negative members like you.</span></p>
</div>
<div>
<p class="x_xmsonormal"><span
style="font-family:"Calibri",sans-serif;
color:black"> </span></p>
</div>
<div>
<p class="x_xmsonormal"><span
style="font-family:"Calibri",sans-serif;
color:black">Respectfully,</span></p>
</div>
<div>
<p class="x_xmsonormal"><span
style="font-family:"Calibri",sans-serif;
color:black">Elad</span></p>
</div>
<div class="x_MsoNormal" style="text-align:center"
align="center">
<hr width="98%" size="2" align="center">
</div>
<div id="x_x_divRplyFwdMsg">
<p class="x_xmsonormal"><b><span
style="font-size:11.0pt;
font-family:"Calibri",sans-serif;
color:black">From:</span></b><span
style="font-size:11.0pt;
font-family:"Calibri",sans-serif;
color:black"> Stuart Willet (primary) <<a
href="mailto:stu@safehosts.co.uk"
moz-do-not-send="true">stu@safehosts.co.uk</a>><br>
<b>Sent:</b> Thursday, April 30, 2020 11:44 PM<br>
<b>To:</b> Elad Cohen <<a
href="mailto:elad@netstyle.io"
moz-do-not-send="true">elad@netstyle.io</a>>; <a
href="mailto:members-discuss@ripe.net"
moz-do-not-send="true">
members-discuss@ripe.net</a> <<a
href="mailto:members-discuss@ripe.net"
moz-do-not-send="true">members-discuss@ripe.net</a>><br>
<b>Subject:</b> RE: Technical solution to resolve
Spoofed IP traffic, Spoofed amplification DDoS
attacks, BGP&RIR hijacking, IoT botnet
infections and Botnet C&Cs</span>
</p>
<div>
<p class="x_xmsonormal"> </p>
</div>
</div>
<div>
<div>
<p class="x_xxmsonormal"><span
style="font-size:11.0pt;
font-family:"Calibri",sans-serif;
color:#1F497D">Elad,</span></p>
<p class="x_xxmsonormal"><span
style="font-size:11.0pt;
font-family:"Calibri",sans-serif;
color:#1F497D"> </span></p>
<p class="x_xxmsonormal"><span
style="font-size:11.0pt;
font-family:"Calibri",sans-serif;
color:#1F497D">I have not attacked you, just
pointing out the incredibly impossible task you
wish to be undertaken.<br>
As for costs, we currently use a DDoS mitigation
service.</span></p>
<p class="x_xxmsonormal"><span
style="font-size:11.0pt;
font-family:"Calibri",sans-serif;
color:#1F497D"> </span></p>
<p class="x_xxmsonormal"><span
style="font-size:11.0pt;
font-family:"Calibri",sans-serif;
color:#1F497D">Your solution is not feasible, full
stop.</span></p>
<p class="x_xxmsonormal"><span
style="font-size:11.0pt;
font-family:"Calibri",sans-serif;
color:#1F497D"> </span></p>
<p class="x_xxmsonormal"><span
style="font-size:11.0pt;
font-family:"Calibri",sans-serif;
color:#1F497D">Respectfully,</span></p>
<p class="x_xxmsonormal"><span
style="font-size:11.0pt;
font-family:"Calibri",sans-serif;
color:#1F497D"> </span></p>
<p class="x_xxmsonormal"><span
style="font-size:11.0pt;
font-family:"Calibri",sans-serif;
color:#1F497D">Stuart Willet.</span></p>
<p class="x_xxmsonormal"><span
style="font-size:11.0pt;
font-family:"Calibri",sans-serif;
color:#1F497D"> </span></p>
<div>
<div style="border:none; border-top:solid #E1E1E1
1.0pt; padding:3.0pt 0cm 0cm 0cm">
<p class="x_xxmsonormal"><b><span
style="font-size:11.0pt;
font-family:"Calibri",sans-serif"
lang="EN-US">From:</span></b><span
style="font-size:11.0pt;
font-family:"Calibri",sans-serif"
lang="EN-US"> Elad Cohen [<a
href="mailto:elad@netstyle.io"
moz-do-not-send="true">mailto:elad@netstyle.io</a>]
<br>
<b>Sent:</b> 30 April 2020 21:42<br>
<b>To:</b> Stuart Willet (primary) <<a
href="mailto:stu@safehosts.co.uk"
moz-do-not-send="true">stu@safehosts.co.uk</a>>;
<a href="mailto:members-discuss@ripe.net"
moz-do-not-send="true">members-discuss@ripe.net</a><br>
<b>Subject:</b> Re: Technical solution to
resolve Spoofed IP traffic, Spoofed
amplification DDoS attacks, BGP&RIR
hijacking, IoT botnet infections and Botnet
C&Cs</span></p>
</div>
</div>
<p class="x_xxmsonormal"> </p>
<div>
<p class="x_xxmsonormal"><span
style="font-family:"Calibri",sans-serif;
color:black">Stuart,</span></p>
</div>
<div>
<p class="x_xxmsonormal"><span
style="font-family:"Calibri",sans-serif;
color:black"> </span></p>
</div>
<div>
<p class="x_xxmsonormal"><span
style="font-family:"Calibri",sans-serif;
color:black">You are willing to sacrifice the
good of the community for a personal attack
against me. Regarding what you wrote: do you
know how many compute time is wasted for all the
current DDoS attacks that this solution will not
resolve ? do you know how many costs involved
for organizations and companies which are under
DDoS attacks ? when you compare the current to
the state of this solution then this solution is
by far better than the current state.</span></p>
</div>
<div>
<p class="x_xxmsonormal"><span
style="font-family:"Calibri",sans-serif;
color:black"> </span></p>
</div>
<div>
<p class="x_xxmsonormal"><span
style="font-family:"Calibri",sans-serif;
color:black">Respectfully,</span></p>
</div>
<div>
<p class="x_xxmsonormal"><span
style="font-family:"Calibri",sans-serif;
color:black">Elad</span></p>
</div>
<div class="x_MsoNormal" style="text-align:center"
align="center">
<hr width="98%" size="2" align="center">
</div>
<div id="x_x_x_divRplyFwdMsg">
<p class="x_xxmsonormal"><b><span
style="font-size:11.0pt;
font-family:"Calibri",sans-serif;
color:black">From:</span></b><span
style="font-size:11.0pt;
font-family:"Calibri",sans-serif;
color:black"> Stuart Willet (primary) <<a
href="mailto:stu@safehosts.co.uk"
moz-do-not-send="true">stu@safehosts.co.uk</a>><br>
<b>Sent:</b> Thursday, April 30, 2020 11:39 PM<br>
<b>To:</b> Elad Cohen <<a
href="mailto:elad@netstyle.io"
moz-do-not-send="true">elad@netstyle.io</a>>;
<a href="mailto:members-discuss@ripe.net"
moz-do-not-send="true">
members-discuss@ripe.net</a> <<a
href="mailto:members-discuss@ripe.net"
moz-do-not-send="true">members-discuss@ripe.net</a>><br>
<b>Subject:</b> RE: Technical solution to
resolve Spoofed IP traffic, Spoofed
amplification DDoS attacks, BGP&RIR
hijacking, IoT botnet infections and Botnet
C&Cs</span>
</p>
<div>
<p class="x_xxmsonormal"> </p>
</div>
</div>
<div>
<div>
<p class="x_xxxmsonormal"><span
style="font-size:11.0pt;
font-family:"Calibri",sans-serif;
color:#1F497D">In fairness, I couldn’t even be
bothered reading further than the worlds BGP
routers needing a firmware update to DOUBLE
packet count whilst adding compute time at an
individual packet level.</span></p>
<p class="x_xxxmsonormal"><span
style="font-size:11.0pt;
font-family:"Calibri",sans-serif;
color:#1F497D">Another idea, slightly marred
by the unfathomable costs involved, along with
its logistic impossibility.</span></p>
<p class="x_xxxmsonormal"><span
style="font-size:11.0pt;
font-family:"Calibri",sans-serif;
color:#1F497D"> </span></p>
<p class="x_xxxmsonormal"><span
style="font-size:11.0pt;
font-family:"Calibri",sans-serif;
color:#1F497D">/me sits back and grabs the
popcorn…..</span></p>
<p class="x_xxxmsonormal"><span
style="font-size:11.0pt;
font-family:"Calibri",sans-serif;
color:#1F497D"> </span></p>
<div>
<div style="border:none; border-top:solid
#E1E1E1 1.0pt; padding:3.0pt 0cm 0cm 0cm">
<p class="x_xxxmsonormal"><b><span
style="font-size:11.0pt;
font-family:"Calibri",sans-serif"
lang="EN-US">From:</span></b><span
style="font-size:11.0pt;
font-family:"Calibri",sans-serif"
lang="EN-US"> members-discuss [<a
href="mailto:members-discuss-bounces@ripe.net"
moz-do-not-send="true">mailto:members-discuss-bounces@ripe.net</a>]
<b>On Behalf Of </b>Elad Cohen<br>
<b>Sent:</b> 30 April 2020 21:31<br>
<b>To:</b> <a
href="mailto:members-discuss@ripe.net"
moz-do-not-send="true">members-discuss@ripe.net</a><br>
<b>Subject:</b> [members-discuss]
Technical solution to resolve Spoofed IP
traffic, Spoofed amplification DDoS
attacks, BGP&RIR hijacking, IoT botnet
infections and Botnet C&Cs</span></p>
</div>
</div>
<p class="x_xxxmsonormal"> </p>
<div>
<div>
<p class="x_xxxmsonormal"><span
style="font-family:"Calibri",sans-serif;
color:black">Hello Ripe Members!</span></p>
</div>
<div>
<p class="x_xxxmsonormal"><span
style="font-family:"Calibri",sans-serif;
color:black"> </span></p>
</div>
<div>
<p class="x_xxxmsonormal"><span
style="font-family:"Calibri",sans-serif;
color:black">I will share the following
solution in the near General Meeting and
I'm interested to share the following
technical solution with you as well, it
will completely resolve: Spoofed IP
traffic, Spoofed amplification DDoS
attacks, BGP&RIR hijacking. And will
dramatically lower: IoT botnet infections
and Botnet C&Cs.</span></p>
</div>
<div>
<p class="x_xxxmsonormal"><span
style="font-family:"Calibri",sans-serif;
color:black"> </span></p>
</div>
<div>
<p class="x_xxxmsonormal"><span
style="font-family:"Calibri",sans-serif;
color:black">By a single update to any BGP
router, not any router needs to be
updated, only active BGP routers. If I
will have the honor of being elected to
the Ripe Board I will harness all the
power of Ripe and all of the 5 RIR's and
all of the LIR's in the 5 RIR's so routing
manufacturing companies will implement the
below processes and methods with a single
firmware update to their BGP routers.
</span></p>
</div>
<div>
<p class="x_xxxmsonormal"><span
style="font-family:"Calibri",sans-serif;
color:black"> </span></p>
</div>
<div>
<p class="x_xxxmsonormal"><span
style="font-family:"Calibri",sans-serif;
color:black">I'm asking for your support
in electing me so I will be able to enter
the Ripe Board and then I will be able to
make everything which is written in this
post to come true.</span></p>
</div>
<div>
<p class="x_xxxmsonormal"><span
style="font-family:"Calibri",sans-serif;
color:black"> </span></p>
</div>
<div>
<p class="x_xxxmsonormal"><span
style="font-family:"Calibri",sans-serif;
color:black"> </span></p>
</div>
<div>
<p class="x_xxxmsonormal"><span
style="font-family:"Calibri",sans-serif;
color:black">Regarding the bgp-anycasted
infrastructure written below, ICANN is
written but the global bgp-anycasted
infrastructure can be managed by the 5
RIR's and/or by the ccTLDs registries (my
main point is that who will operate the
bgp-anycasted infrastructure is not
important for now, as long as it will be
an agreed authoritative non-governmental
non-commercial global entity/ies)</span></p>
</div>
<div>
<p class="x_xxxmsonormal"><span
style="font-family:"Calibri",sans-serif;
color:black"> </span></p>
<div>
<p class="x_xxxmsonormal"><span
style="font-family:"Calibri",sans-serif;
color:black">With new tracking protocol
over ip, routers will be able to confirm
that source ip came from the network of
the announcing ASN, and hence spoofed
amplification DDoS attacks will be
completely annihilated.</span></p>
</div>
</div>
<div>
<p class="x_xxxmsonormal"><span
style="font-family:"Calibri",sans-serif;
color:black"> </span></p>
</div>
<div>
<p class="x_xxxmsonormal"><span
style="font-family:"Calibri",sans-serif;
color:black"> </span></p>
<div>
<p class="x_xxxmsonormal"><span
style="font-family:"Calibri",sans-serif;
color:black">The Process:</span></p>
</div>
<div>
<p class="x_xxxmsonormal"><span
style="font-family:"Calibri",sans-serif;
color:black"> </span></p>
</div>
<div>
<p class="x_xxxmsonormal"><span
style="font-family:"Calibri",sans-serif;
color:black">At the source BGP router,
for any ip packet with a source address
that is from the network of the source
BGP router (lets call it original ip
packet) - the source BGP router will
create a new ip packet (lets call it
tracking ip packet) with a new transport
layer protocol and with the same source
address and with the same destination
address and with the same IP-ID such as
the original ip packet.</span></p>
</div>
<div>
<p class="x_xxxmsonormal"><span
style="font-family:"Calibri",sans-serif;
color:black"> </span></p>
</div>
<div>
<p class="x_xxxmsonormal"><span
style="font-family:"Calibri",sans-serif;
color:black">In the new tracking ip
packet there will be a new transport
layer protocol (tracking protocol) with
the following fields:</span></p>
</div>
<div>
<p class="x_xxxmsonormal"><span
style="font-family:"Calibri",sans-serif;
color:black">AS number of source BGP
router in clear text</span></p>
</div>
<div>
<p class="x_xxxmsonormal"><span
style="font-family:"Calibri",sans-serif;
color:black">AS number of source BGP
router encrypted with the private key of
the source BGP router</span></p>
</div>
<div>
<p class="x_xxxmsonormal"><span
style="font-family:"Calibri",sans-serif;
color:black"> </span></p>
</div>
<div>
<p class="x_xxxmsonormal"><span
style="font-family:"Calibri",sans-serif;
color:black">The destination BGP router
(a BGP router that the destination
address is in its network) whenever it
receive a 'tracking ip packet' will
check if its have the internal boolean
'Check tracking flag' in it - 'on' or
'off':</span></p>
</div>
<div>
<p class="x_xxxmsonormal"><span
style="font-family:"Calibri",sans-serif;
color:black">If 'off' then the
destination BGP router will drop that
'tracking ip packet'</span></p>
</div>
<div>
<p class="x_xxxmsonormal"><span
style="font-family:"Calibri",sans-serif;
color:black"> </span></p>
</div>
<div>
<p class="x_xxxmsonormal"><span
style="font-family:"Calibri",sans-serif;
color:black">If 'on' then the
destination BGP router will decrypt the
'encrypted AS number' with the public
key of the specific AS number</span></p>
</div>
<div>
<p class="x_xxxmsonormal"><span
style="font-family:"Calibri",sans-serif;
color:black">and after decryption the AS
number need to be the result:</span></p>
</div>
<div>
<p class="x_xxxmsonormal"><span
style="font-family:"Calibri",sans-serif;
color:black">if not then to drop the
tracking ip packet and the original ip
packet related to it</span></p>
</div>
<div>
<p class="x_xxxmsonormal"><span
style="font-family:"Calibri",sans-serif;
color:black">if yes then to drop the
tracking ip packet and to forward the
related original ip packet to
destination but only if the source
address is originated from the specific
ASN (according to the local ASNs+ranges
table in the BGP router, such table will
be received from ICANN)</span></p>
</div>
<div>
<p class="x_xxxmsonormal"><span
style="font-family:"Calibri",sans-serif;
color:black"> </span></p>
</div>
<div>
<p class="x_xxxmsonormal"><span
style="font-family:"Calibri",sans-serif;
color:black"> </span></p>
</div>
<div>
<p class="x_xxxmsonormal"><span
style="font-family:"Calibri",sans-serif;
color:black">If the 'Check tracking
flag' is set to 'on' then any original
ip packet that arrive to the destination
BGP router will wait for the related
tracking ip packet (in case the related
tracking ip packet didn't already
arrived to the destination BGP router).
The destination BGP router will manage
such waiting for X number of seconds.</span></p>
</div>
<div>
<p class="x_xxxmsonormal"><span
style="font-family:"Calibri",sans-serif;
color:black"> </span></p>
</div>
<div>
<p class="x_xxxmsonormal"><span
style="font-family:"Calibri",sans-serif;
color:black">The destination BGP router
will match between a tracking ip packet
and an original ip packet - based on
their source address and their
destination address and their IP-ID
which will all be identical.</span></p>
</div>
<div>
<p class="x_xxxmsonormal"><span
style="font-family:"Calibri",sans-serif;
color:black"> </span></p>
</div>
<div>
<p class="x_xxxmsonormal"><span
style="font-family:"Calibri",sans-serif;
color:black"> </span></p>
</div>
<div>
<p class="x_xxxmsonormal"><span
style="font-family:"Calibri",sans-serif;
color:black"> </span></p>
</div>
<div>
<p class="x_xxxmsonormal"><span
style="font-family:"Calibri",sans-serif;
color:black">More Aspects:</span></p>
</div>
<div>
<p class="x_xxxmsonormal"><span
style="font-family:"Calibri",sans-serif;
color:black"> </span></p>
</div>
<div>
<p class="x_xxxmsonormal"><span
style="font-family:"Calibri",sans-serif;
color:black">- The end-devices will not
need to be updated, any router will not
need to be updated, only all the BGP
routers will need to be updated.</span></p>
</div>
<div>
<p class="x_xxxmsonormal"><span
style="font-family:"Calibri",sans-serif;
color:black">- Any BGP router in the
routing path, which the original ip
packet and the tracking ip packet are
not destined to an ip address in its own
network - will not check the content of
the tracking ip packet and will forward
both the tracking ip packet and the
original ip packet as they are.</span></p>
</div>
<div>
<p class="x_xxxmsonormal"><span
style="font-family:"Calibri",sans-serif;
color:black">- Each BGP router will have
all the public keys (of all the ASN's)
locally.</span></p>
</div>
<div>
<p class="x_xxxmsonormal"><span
style="font-family:"Calibri",sans-serif;
color:black">- Each BGP router will have
a full list of all the ASN's and all the
route objects ranges which are related
to them locally.</span></p>
</div>
<div>
<p class="x_xxxmsonormal"><span
style="font-family:"Calibri",sans-serif;
color:black"> </span></p>
</div>
<div>
<p class="x_xxxmsonormal"><span
style="font-family:"Calibri",sans-serif;
color:black"> </span></p>
</div>
<div>
<p class="x_xxxmsonormal"><span
style="font-family:"Calibri",sans-serif;
color:black"> </span></p>
</div>
<div>
<p class="x_xxxmsonormal"><span
style="font-family:"Calibri",sans-serif;
color:black">How BGP routers will
receive all the ranges in all the route
objects of all the ASNs (in the 5 RIRs)
and all the public keys of all the ASNs
(for decrypting the encrypted strings in
'tracking ip packets'):</span></p>
</div>
<div>
<p class="x_xxxmsonormal"><span
style="font-family:"Calibri",sans-serif;
color:black"> </span></p>
</div>
<div>
<p class="x_xxxmsonormal"><span
style="font-family:"Calibri",sans-serif;
color:black">- Each BGP router will
create a tcp session with ICANN backend
infrastructure (the backend
infrastructure of ICANN will use BGP
anycast and will be available from many
locations worldwide with automatic
syncing)</span></p>
</div>
<div>
<p class="x_xxxmsonormal"><span
style="font-family:"Calibri",sans-serif;
color:black">- At this stage there will
be a handshake process between the BGP
router and the ICANN backend
infrastructure in order for ICANN to
know the correct ASN which is operating
the BGP router - the BGP router will
send its ASN in cleartext and also its
ASN encrypted with its
ICANN-communication-private-key , ICANN
will know the related public key for the
specific ASN from the specific ASN
object in the RIR (the public key for
communication with ICANN will be
displayed there) - after decryption
ICANN will compare the decrypted string
to the AS Number for successful
authentication.</span></p>
</div>
<div>
<p class="x_xxxmsonormal"><span
style="font-family:"Calibri",sans-serif;
color:black">- After successful
authentication, all the communication
will be encrypted, ICANN will notify the
BGP router about its public key and
ICANN will use the public key of the ASN
for the communication with ICANN - from
the ASN object in the RIR.</span></p>
</div>
<div>
<p class="x_xxxmsonormal"><span
style="font-family:"Calibri",sans-serif;
color:black">- The BGP router will send
over the session its public key to be
used by other BGP routers in order to
decrypt the encrypted string in the
tracking ip packets that it will
originate (that private key and public
key will be managed in the BGP router
GUI or CLI).</span></p>
</div>
<div>
<p class="x_xxxmsonormal"><span
style="font-family:"Calibri",sans-serif;
color:black">- ICANN will notify all the
other BGP routers through the sessions
with them about a newly updated such
public key of any other BGP router.</span></p>
</div>
<div>
<p class="x_xxxmsonormal"><span
style="font-family:"Calibri",sans-serif;
color:black">- ICANN will also receive
in real-time any route object
creation/modification/deletion
notification from any of the 5 RIRs and
will then update all the BGP routers
through all of their sessions.</span></p>
</div>
<div>
<p class="x_xxxmsonormal"><span
style="font-family:"Calibri",sans-serif;
color:black"> </span></p>
</div>
<div>
<p class="x_xxxmsonormal"><span
style="font-family:"Calibri",sans-serif;
color:black">- In case a BGP router
doesn't have an active session to ICANN
backend infrastructure (for any reason,
might be due to networking issue) - then
temporarily the internal 'Check tracking
flag' of it will be set to 'off'. After
the session with ICANN backend
infrastructure will be re-established
and the BGP router will receive all the
meantime updates - the boolean value of
'Check internal flag' will return to
initial state.</span></p>
</div>
<div>
<p class="x_xxxmsonormal"><span
style="font-family:"Calibri",sans-serif;
color:black">- Any update from ICANN
backend infrastructure to a BGP router
(such as a public key of another BGP
router, or a routing object update) -
will be confirmed that the update was
received well by the BGP router side.</span></p>
</div>
<div>
<p class="x_xxxmsonormal"><span
style="font-family:"Calibri",sans-serif;
color:black"> </span></p>
</div>
<div>
<p class="x_xxxmsonormal"><span
style="font-family:"Calibri",sans-serif;
color:black"> </span></p>
</div>
<div>
<p class="x_xxxmsonormal"><span
style="font-family:"Calibri",sans-serif;
color:black"> </span></p>
</div>
<div>
<p class="x_xxxmsonormal"><span
style="font-family:"Calibri",sans-serif;
color:black">'Check tracking flag' in
BGP Routers:</span></p>
</div>
<div>
<p class="x_xxxmsonormal"><span
style="font-family:"Calibri",sans-serif;
color:black"> </span></p>
</div>
<div>
<p class="x_xxxmsonormal"><span
style="font-family:"Calibri",sans-serif;
color:black">- BGP routers, in their GUI
and CLI interfaces - will not allow the
end-user to set the boolean value of
'Check tracking flag', in order to avoid
misconfiguration.</span></p>
</div>
<div>
<p class="x_xxxmsonormal"><span
style="font-family:"Calibri",sans-serif;
color:black">- The ICANN backend
infrastructure through the session with
the BGP router - will be able to set the
boolean value of the 'Check tracking
flag'.</span></p>
</div>
<div>
<p class="x_xxxmsonormal"><span
style="font-family:"Calibri",sans-serif;
color:black">- The reason for it, is
that if 'Check tracking flag' will be
set on some destination BGP routers
while some other source BGP routers
weren't upgraded yet (and will not send
the 'tracking ip packet' due to it) -
then 'tracking ip packet' will never
reach the destination BGP router and the
internet will break.</span></p>
</div>
<div>
<p class="x_xxxmsonormal"><span
style="font-family:"Calibri",sans-serif;
color:black">- Central setting of 'Check
tracking flag' through ICANN backend
infrastructure - will allow ICANN to
inform all the BGP routers at once to
switch 'on' the 'Check tracking flag'</span></p>
</div>
<div>
<p class="x_xxxmsonormal"><span
style="font-family:"Calibri",sans-serif;
color:black">- ICANN, in the session to
any BGP router, will also receive the
percentage of ip packets that were
destained to that BGP router network -
that also had ip tracking packets, in
this way ICANN will know when all the
BGP routers were properly globally
updated and when it is time to enable
the 'Check tracking flag' in all the BGP
routers.</span></p>
</div>
<div>
<p class="x_xxxmsonormal"><span
style="font-family:"Calibri",sans-serif;
color:black">- ICANN will know if all
the BGP routers in the world were
upgraded based on keeping the full BGP
table and comparing it to all the BGP
routers that did and that did not open a
session to ICANN backend infrastructure.</span></p>
</div>
<div>
<p class="x_xxxmsonormal"><span
style="font-family:"Calibri",sans-serif;
color:black"> </span></p>
</div>
<div>
<p class="x_xxxmsonormal"><span
style="font-family:"Calibri",sans-serif;
color:black"> </span></p>
</div>
<div>
<p class="x_xxxmsonormal"><span
style="font-family:"Calibri",sans-serif;
color:black"> </span></p>
</div>
<div>
<p class="x_xxxmsonormal"><span
style="font-family:"Calibri",sans-serif;
color:black">Automatic preventation of
IoT botnet infections:</span></p>
</div>
<div>
<p class="x_xxxmsonormal"><span
style="font-family:"Calibri",sans-serif;
color:black"> </span></p>
</div>
<div>
<p class="x_xxxmsonormal"><span
style="font-family:"Calibri",sans-serif;
color:black">- IoT botnets are based on
default credentials, if we can block
default credentials of IoT devices then
these kind of botnets (such as
Mirai-variants and similar) will stop to
have an impact in the internet.</span></p>
</div>
<div>
<p class="x_xxxmsonormal"><span
style="font-family:"Calibri",sans-serif;
color:black">- The data field in an ip
packet - will always be the same for an
access attempt to a IoT device with
default credentials - hence these kind
of "IP protocol data fingerprints" which
are related to specific "IP protocol
numbers" will be provided by ICANN
backend infrastructure to each BGP
router through the opened session with
it.</span></p>
</div>
<div>
<p class="x_xxxmsonormal"><span
style="font-family:"Calibri",sans-serif;
color:black">- There are two issues with
matching incoming ip packets to the
"locally stored IP protocol data
fingerprints" - the first one is that ip
packets can be sent by fragments (so not
all the data field will be sent at once
in order to be able to be compared with
the locally stored data fingerprints)
and the second is that usernames (or
url's) or any other textual data in the
incoming ip packet data field can be in
uppercase or in lowercase. In order to
overcome the possibility of the
existence of a single data fingerprint
in multiple incoming ip packet fragments
- then in case the BGP router is
recognizing the incoming fragmented ip
packet data value as part of an existing
fingerprint data in its local database
then it will keep track of the arrival
ip packet fragments based on their
specific IP-ID identifier and the BGP
router will not forward the last ip
packet fragment if the last ip packet
fragment will cause all the related ip
packet fragments to match a specific ip
fingerprint data (last ip packet doesn't
have to be the last fragmented part but
it is the last ip packet that arrived
with that IP-ID identifier, so the BGP
router will keep track of the specific
fragmented IP packets that arrived and
their indexes in order to know when the
last one of them arrived). Regarding the
second issue - the stored data
fingerprints in the local BGP router
will be stored in a way that some bytes
of them (in specific indexes) will not
be compared and in case all the other
bytes will match - then the bytes in
these indexes - will first be lowered
case - and only then comparison will be
made to the specific indexed bytes in
the specific ip packet data fingerprint.</span></p>
</div>
<div>
<p class="x_xxxmsonormal"><span
style="font-family:"Calibri",sans-serif;
color:black">- In case a IoT device
behind a BGP router will be infected
somehow (for example when a specific
fingerprint data with default
credentials for a specific device wasn't
updated yet through ICANN backend
infrastructure), it will be able to
infect all the other IoT devices in the
local network when the connectivity to
them is not through the BGP router, that
kind of impact will be much much lower
than infected IoT device which can
infect any other IoT device in the
internet and then massive botnets in the
internet are created which are being
used for DDoS.</span></p>
</div>
<div>
<p class="x_xxxmsonormal"><span
style="font-family:"Calibri",sans-serif;
color:black"> </span></p>
</div>
<div>
<p class="x_xxxmsonormal"><span
style="font-family:"Calibri",sans-serif;
color:black"> </span></p>
</div>
<div>
<p class="x_xxxmsonormal"><span
style="font-family:"Calibri",sans-serif;
color:black"> </span></p>
</div>
<div>
<p class="x_xxxmsonormal"><span
style="font-family:"Calibri",sans-serif;
color:black">Automatic prevention of
botnet C&C ip addresses:</span></p>
</div>
<div>
<p class="x_xxxmsonormal"><span
style="font-family:"Calibri",sans-serif;
color:black"> </span></p>
</div>
<div>
<p class="x_xxxmsonormal"><span
style="font-family:"Calibri",sans-serif;
color:black">- Botnets C&C are also
a problem in the internet.</span></p>
</div>
<div>
<p class="x_xxxmsonormal"><span
style="font-family:"Calibri",sans-serif;
color:black">- This problem can be
overcome using the following technical
addition: the 5 RIR's will operate
end-users honeypots machines all over
the world (it will be implemented by a
single physical machine in each
location, for example in each datacenter
and in each major ISP, each single
physical machine will emulate a virtual
router and virtual VM's, the virtual
VM's will emulate many different kinds
of 'real world machines', any kind of
automatic updating (in the operating
system configurations) will be disabled,
these honeypots machines are not
intended to make any outgoing
connection, the virtual routers will
monitor if any outgoing connection is
made and if yes then it is to a botnet
C&C, the virtual router will update
the ICANN backend infrastructure
regarding it and the ICANN backend
infrastructure will update all the BGP
routers (in their open sessions)
regarding it to completely block any
communication to that botnet C&C ip
address. There will be a web-based
system and only the related Law
Enforcement Agency of that C&C ip
address region - will be able to remove
that C&C ip address from being
blocked after their manual check.</span></p>
</div>
<div>
<p class="x_xxxmsonormal"><span
style="font-family:"Calibri",sans-serif;
color:black">- Honeypot machines will be
deployed using 'templates' - these
templates must be signed and not anyone
can create them, they should be created
and signed by an agreed Law Enforcement
Agency such as Interpol in order to make
sure that these templates are by-design
not making any outgoing connection. The
templates will be deployed in an
automatic way (major ISP's and
datacenters will be able to easily add a
'physical honeypot' server in their
network, that will be shipped to them),
the re-initiation of a compromised
'virtual machine' that made an outgoing
connection - will also be automatic
through the system in the physical
server.</span></p>
</div>
<div>
<p class="x_xxxmsonormal"><span
style="font-family:"Calibri",sans-serif;
color:black"> </span></p>
</div>
<div>
<p class="x_xxxmsonormal"><span
style="font-family:"Calibri",sans-serif;
color:black"> </span></p>
</div>
<div>
<p class="x_xxxmsonormal"><span
style="font-family:"Calibri",sans-serif;
color:black">Respectfully,</span></p>
</div>
<div>
<p class="x_xxxmsonormal"><span
style="font-family:"Calibri",sans-serif;
color:black">Elad</span></p>
</div>
</div>
<p class="x_xxxmsonormal"><span
style="font-family:"Calibri",sans-serif;
color:black"> </span></p>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<pre class="moz-quote-pre" wrap="">_______________________________________________
members-discuss mailing list
<a class="moz-txt-link-abbreviated" href="mailto:members-discuss@ripe.net">members-discuss@ripe.net</a>
<a class="moz-txt-link-freetext" href="https://mailman.ripe.net/">https://mailman.ripe.net/</a>
Unsubscribe: <a class="moz-txt-link-freetext" href="https://lists.ripe.net/mailman/options/members-discuss/aleksi%40magnacapax.fi">https://lists.ripe.net/mailman/options/members-discuss/aleksi%40magnacapax.fi</a>
</pre>
</blockquote>
</body>
</html>