Peace, On Wed, Dec 2, 2020 at 1:53 AM Ronald F. Guilmette <rfg@tristatelogic.com> wrote:
Please be advised that the set of IPv4 blocks listed below appear to be squatted on at the present time, with the apparent aid and assistance of AS44050 -- "Petersburg Internet Network Ltd." (Russia) and also AS58552 "PT Multidata Rancana Prima" (Indonesia).
Please be informed that after a (pretty short) conversation AS44050 is not announcing those prefixes anymore.
Neither AS44050 nor AS58552 was never announcing any of the squatted prefixes themselves directly. Rather AS44050 was... for reasons which have yet to be explained... peering with the set of four apparently squatted ASNs
Yes, this is understood. There's no peering anymore. See e.g.: https://radar.qrator.net/as24199/providers#startDate=2020-08-30&endDate=2020-11-30&tab=current
If you are in a position to have one more short conversation with the owners and/or operators of AS44050, Petersburg Internet Network Ltd., then please be so kind as to ask them on my behalf why they were peering with those four different apparently squatted & abandoned ASNs.
I don't think I'm anywhere close to a position where I can ask them questions like that.
The name "Petersburg Internet" has come up, time and time again, in relation to online skulduggery and malfesance. [..] https://krebsonsecurity.com/page/2/?s=Petersburg+Internet&x=0&y=0
This search yields all the results containing "petersburg" OR "internet". There's no doubt there would be many in this case. AS44050 is basically the SOHO provider for the St. Petersburg Internet Exchange. St. Petersburg's population is slightly below 5 million people, not counting satellite cities and suburbs (which, if counted, would contribute another 2 millions I think), and the city has quite got a reputation for hidden criminal activity. It's Chicago-style if you will. Surely there are also quite a few criminals in one of the largest ISP networks of the city. To put it into some shape for your understanding: I think the likes of Centu, ah sorry, Lumen or Comcast would've got a reputation very close to what PIN has got in your eyes if not for their location close to you in the United States. E.g. Lumen has allowed a route leak incident on their network quite recently; and there's no doubt they won't vouch for every customer of theirs. -- Töma