All, First, apologies in the context of this email, but I’ve never had to send one out before but have recently had an issue with an un-authorised deletion attempt of one of our subnets, and whilst investigating have come across some interesting details which I need to ask the members about. So, on Tuesday morning I received an email, stating that someone, via the webpage, had tried to delete an allocation of ours, in the email were recorded the details of the IP address that the attempt came from. When we get these and other requests, it’s easy to find the ‘owner’ using RIPE / ARIN, so an abuse email was sent to the LIR, and I had a reply saying that it was being looked at. – so far so good. At the same time, I received an email about the demise of the MD5 password email update procedure, and putting 2 and 2 together and getting 5, thought this was someone who was trying to do it via email. However, when I chatted with RIPE, I was told that the request was made via the webpage. So, earlier today, I asked if they could tell me either who, or just the company it was that tried the webpage deletion, as you must be signed onto the webpage to do so. Now I was expecting a ‘we can only tell you….’ answer , but instead I got a ‘sorry, we don’t record that information’ – it’s like WHAT ? you don’t record who deletes/allocates any requests in anyway, shape or form ? So, the question I’m putting to you is – Would you think that it would be expected behaviour to record who makes any requests on the system ? as for admin purposes you’d like to know who’s doing what. Then, I was told, even if there were information, I couldn’t be told it as it’s confidential ? like WTF ? (excuse my language) – but this is getting daft – someone can try to delete an allocation – yet even if you knew you couldn’t tell me ? Would love to know of people experiences on this subject. Regards, Stephen Stephen Carter Senior Technical Services Specialist Network Operations ISP, DSL, VPN & IaaS Intelligent Infrastructure Management (IIM) [cid:image001.gif@01DC7BF6.AF94D450] Unless otherwise stated, this email has been sent from Fujitsu Services Limited (registered in England No 96056); Fujitsu EMEA PLC (registered in England No 2216100) both with registered offices at: Lovelace Road, Bracknell, Berkshire RG12 8SN; PFU (EMEA) Limited, (registered in England No 1578652) registered offices at: Belmont, Belmont Road, Uxbridge, England, UB8 1HE and Fujitsu Research of Europe Ltd (registered in England No. 4153469) 4th Floor, Building 3, Hyde Park Hayes, 11 Millington Road, Hayes, UB3 4AZ. This email is only for the use of its intended recipient. Its contents are subject to a duty of confidence and may be privileged. Fujitsu does not guarantee that this email has not been intercepted and amended or that it is virus-free.
