I thought it was more like "we will set up a shell company by paying some random guy in a bar drinking money to use his ID and register one".
At least if we're talking of a certain european country with LIRs known for handing out /14s earlier, smaller but still significant IP blocks now, to some "high volume email deployers" among others.
Most of what you ask is, I suspect, doable if people decide to forget that "we're not the internet police" trope. And if there's more active participation from the security and abuse handling side of various RIPE members rather than just their network and DNS people.
--srs
In message <5459613B.6010604@iszt.hu>,
Janos Zsako <zsako@iszt.hu> wrote:
>I will try to answer some of your questions.
Thank you.
>>>> Given some arbitrary record which is stored within the RIPE WHOIS
>>>> data base, such as an organization (ORG-*) record or a record for
>>>> a number resource, such as an AS, how can I determine the date on
>>>> which that record was created? Do I just look for the earliest
>>>> date found in any of the associated changed: fields?
>>...
>I guess there is no good answer to this. As far as I can tell, you have no
>means to find out when an object was first added to the database
>(i.e. created). The earliest changed: field usually gives you only an upper
>limit (i.e the object is most probably not younger than that date).
>
>You can also look at the historical data of the object, see
>https://labs.ripe.net/Members/kranjbar/proposal-to-display-history-of-objects-
>in-ripe-database
>however, this does not necessarily help either.
>
>As far as I know, the RIPE NCC, however, in a given case, could tell you
>exactly when the given object was created.
Thanks, but that begs the question... What exactly do you mean by "case"
in this context?
(I _had_ vaguely hoped that I might be able to do at least some very
modest and very preliminary investigation of some fishy goings on,
*without* having to initiate a full blown and formal legal proceeding
in order to do so. But it is looking more any more as if RIPE NCC is
not making available even some very basic types of information... e.g.
age... about the objects in its data base. Over here on this side of
the pond, we have a name for this. It's called "hiding the ball.")
>There are, however, plans to introduce new attributes (created: and
>last-modified:) that would replace the (rather useless) changed: attribute.
That will be helpful.
(Of course, it will be even more helpful if those things actually make
their debut within my lifetime.)
>> Same again. I am rather astonished that not a single person within
>> a group focused on dealing with network abuse issues within the RIPE
>> region can even say how to find the LIR that issued a given AS.
>
>This is probably due to the fact that there is no such data available
>in the database. You can make some assumptions, but these may be wrong
So there is no trace... no chain of documentation on how an AS got to
be an AS. Is that correct? Is that really what you are telling me?
(Where I live, it is necessary to obtain a formal written license from
the state, even if all you want to do is to cut people's hair in exchange
for money. And the relevant documents get filed, in triplicate, and are
available for public inspection in Sacramento. Given what we all know
these days about the kind of damage that can be caused, throughout the
world, and for millions of people and companies, e.g. by a "rogue" AS
operator, I remain both stunned and mystified that in the RIPE region,
no documentation is available on how a given AS came to be.)
>A question comes to my mind, however, why do you care about who issued
>a given AS? I would think that from an abuse point of view who _uses_ the AS
>is much more relevant.
The answer to the question in the first sentence just above is contained
in the second sentence just above.
I want to know who registered a given AS. And I would like to know how
they demonstrated that they were indeed who they said they were (and/or
I'd like to know if the LIR even bothered to check).
Remember, I also asked this:
>>>> What sorts of credentials or bona fides must or should applicants
>>>> who are requesting AS number allocations provide to the RIPE LIR
>>>> which processes the request(s)?
At the present moment, it appears to me that a drunken one-eyed sailor
can simply show up in the offices of certain LIRs in certain European
cities, claim to have lost his wallet, driver's license, birth certificate,
and all other forms of identification, and then can ask for his own AS,
which will be awarded to him on the spot, and without any of those silly
annoying questions of the kind those stupid impolite Americans are in
the habit of asking... like for instance who he actually is or whether
or not he had ever been convicted of murdering anyone.
Alternatively, if you call in to the right LIR(s) and simply pretend to
be some famous big-name movie star who is well known within the country
in question, then in deference to your status, they will give you your
AS, no questions asked... and none of that annoying paperwork stuff.
Regards,
rfg
P.S. I _would_ just simply ask RIPE NCC for the info I'm seeking, but
past experience suggests to me that if I did that, their first response
would most probably be to start to grill _me_, e.g. asking me who I am
and why I want to know. Then in the end, they would go off and do their
own sooper sekrit investigation, and never tell me a single blessed thing.