On Tue, 09 Aug 2016 17:35:24 +0530 Suresh Ramasubramanian <ops.lists@gmail.com> wrote: just to also properly respond to you, Suresh
[applause]
applause at what? Content police? Trademark dispute Police? Copyright dispute Police? Decide what is or what is not acceptable content? For example: we are supposed to do what "Google" is doing? Decide what is abuse (yet it is okay if we are the abuse ourselves? ) That we now have to decide the age of a porn actor, is he/she/it 17 or 18 years old? (One is child porn and the other is legal) - and then to also verify what content is legal in some areas and what is illegal in other areas?) that we now have to decide which trademark is the strongest, the one registered in Greece or the one registered in the UK, so that we can "null route" the traffic to the illegal domain name?
IP addresses are in short enough supply that this would be breach of fiduciary trust, if we were talking about a bank manager and loans, rather than allocating IP addresses. (and no, don’t tell me v6 – there’s far more of this going on there, and that is something we will regret a few decades or less down the line). Oh, and for those of you who want to trot out that “we are not the internet police” meme .. keep at it. We’ll all collectively regret it some day.
No, there is actual real Police and law enforcement in all the Subject line countries. These countries (societies) all have laws, law enforcement as well as courts and prisons. What we should discuss is our own internal Abuse/Crime Intelligence/etc policies: 1. When we find crime, child porn, credit card scams, etc on networks, we should immediately report it to the Police in the jurisdiction where the data is. We must not, discuss this on a public list before the Police has at the very least, had the opportunity to first ensure that they have secured the data/servers/evidence that may be required to prosecute. 2. If, after a reasonable amount of time, we receive no feedback (as in back off, we are investigating this - or we are busy prosecuting or whatever) then we should do what? If the ISP or resource holder is actually guilty of a crime or is non responsive or non co-operative with law enforcement then of course I do agree that it is resource abuse and that should have consequences, but you cannot simply find a random domain, note content on it that seems as if there may possibly be criminal activity and/or abuse. It seems that they are offering to spam - do they actually spam? I also publish http://ascams.com I cannot publish anything about this website or this content on there as their is simply no due process, no proof of actual illegal activity, no actual trial, guilt, verdict, etc. So, [Applause] you say? We should start filtering/editing/censoring content deciding to 'null-route' entire IP ranges because of our content decisions? seriously? We can also maybe build a huge wall around our networks? Maybe we should not route any traffic that we have not properly inspected? Now if we can just get those pesky Mexicans to pay for our walls...
From: anti-abuse-wg <anti-abuse-wg-bounces@ripe.net> on behalf of Sergey <gforgx@fotontel.ru> Date: Tuesday, 9 August 2016 at 5:32 PM To: <andre@ox.co.za>, <anti-abuse-wg@ripe.net> Subject: Re: [anti-abuse-wg] Russian carding... no, Islandic carding... no Belizian carding!
Are you blind, Andre?
Okay, I'll cite the website rfg has pointed at for you then:
Hacking services
Email marketing - SPAM (the Russian text says it clearly: "spam sending services")
Malware & Coding
Sell CC & DUMPs, Enroll, Bank accounts, DOB+SSN
That is okay, you think? I don't think so. I think this mailing list is intended to deal with all of this.
Don't be pretend to be a fool by sending links to pages which are innocent in comparison this. It's not about TLDs. It's about the content.
On 08/09/16 14:24, andre@ox.co.za wrote: Agreed.
I do not understand what Ronald F. Guilmette is complaining about or even what this thread is about...
I own some and operate many other .com domains, I also operate .me (like example https://wishes.me )
Speaking of which, I recently created this: https://about.me/andrecoetzee - kinda cool! no?
this does not mean that I am pretending to be in Montenegro, just that some countries are more open, free and forward thinking and that some domain tld's are suitable for custom type names, for example .is and .in and others.
So, as I said, I have absolutely no idea what the initial post is even about at all, maybe Ronald F. Guilmette can point out the ABUSE that will be super helpful and not seem like such a complete waste of time.
Andre
On Tue, 9 Aug 2016 13:11:21 +0200 Volker Greimann <vgreimann@key-systems.net> wrote:
Speaking on general terms, not on the specific website, anything you cite could also occur in a legit website. In a globalized world, users are free to deal with any service provider they trust and register domains in any TLD they chose. There is nothing fishy about that per se.
The domain name string you cite is quite a nice string, which probably was not available in many TLDs anymore. Further, the TLD sting. ".is" can be used as a hack as it is an English language word.
Just my 2 cents,
Volker
Am 09.08.2016 um 05:14 schrieb Ronald F. Guilmette: https://www.verified.is/ (Gee! Big surprise! Russian language only.) -> .IS = Iceland -> 82.221.130.101
That site is obviously all written in Russian, but it is resident on a little /26 IP address block that's pretending to be owned by a Belizian company. (See below.) But of course, it's actually physically sitting in a data center somewhere in Iceland, and on an Icelandic AS.
I am seeing this kind of thing almost every day now... bullshit domains sitting on bullshit networks, almost always in RIPE IP space, but all claiming to be in either Belize or UAE.
I've given up any hope that posting any of this kind of information here will have any impact on anything, ever. A part of me wants to scream "Which part of this repeating pattern do you folks not understand?" but I know that doing so here is pointless. So I'm really only posting this here so that later on, nobdy can say to me "Gee Ron, why didn't you ever say anything to anybody about that?"
I did say something. In fact I said plenty... about both Belize and UAE. It's not my fault if everybody with power and influence within RIPE continued to ignore the now all-too-obvious patterns because the self- evident truths about what's been going on doesn't suit their own financial interests.
Regards, rfg
P.S. At least the .IS domain administrators are looking at possibly suspending the doamin name on the grounds that the registration info "isn't accurate". I commend them for that. That's one hell of a lot more than the network operator (AS50613, Advania) is willing to do. Advania didn't even have the courtesy to answer my email, even if only to tell me to go pound sand.
========================================================================= inetnum: 82.221.130.64 - 82.221.130.127 netname: ORANGEWEB descr: OrangeWebsite.com - Network org: ORG-IL351-RIPE country: IS admin-c: OTD3-RIPE tech-c: OTD3-RIPE status: ASSIGNED PA mnt-by: MNT-ADVANIA created: 2016-01-27T15:08:11Z last-modified: 2016-01-27T15:08:11Z source: RIPE
organisation: ORG-IL351-RIPE org-name: Icenetworks Ltd. org-type: OTHER address: 60 Market Square address: Belize City, Belize <== I hope they speak Russian down there! e-mail: sales@orangewebsite.com abuse-c: OTD3-RIPE mnt-ref: MNT-ADVANIA mnt-by: MNT-ADVANIA created: 2014-11-05T10:30:10Z last-modified: 2014-11-05T10:46:28Z source: RIPE
role: OrangeWebsite.com Technical Department address: OrangeWebsite.com address: Klapparstigur 7 address: 101 Reykjavik address: Iceland abuse-mailbox: abuse@orangewebsite.com e-mail: support@orangewebsite.com admin-c: AK12182-RIPE tech-c: AK12182-RIPE mnt-by: MNT-ADVANIA nic-hdl: OTD3-RIPE created: 2013-12-16T09:41:11Z last-modified: 2013-12-16T09:41:11Z source: RIPE
% Information related to '82.221.128.0/19AS50613'
route: 82.221.128.0/19 descr: Advania / Thor Data Center origin: AS50613 mnt-by: THOR-MNT mnt-lower: THOR-MNT created: 2013-07-30T12:15:23Z last-modified: 2013-07-30T12:15:23Z source: RIPE