Below are the top-7 ASN's that *we* have not been able to reach with our email notifications of CME-24/BlackWorm infected machines:
5416 | BATELCO-BH
6412 | KW Gulfnet International
8781 | QA-ISP Qatar Telecom (Q-Tel)
10029 | SPECTRANET FIRST FIBRE BROADBA
12486 | Teleyemen - YNET Autonomous Nu
20759 | ISU-JED KACST/ISU Jeddah Auton
34105 | ARIAVESATCOM-AS Ariave Satcom
If you know of a contact for these or did not receive a notification and would like to make sure your network is clean, please contact me off list.
Thanks,
Gadi.
Below are the top-7 ASN's that *we* have not been able to reach with our email notifications of CME-24/BlackWorm infected machines:
5416 | BATELCO-BH
6412 | KW Gulfnet International
8781 | QA-ISP Qatar Telecom (Q-Tel)
10029 | SPECTRANET FIRST FIBRE BROADBA
12486 | Teleyemen - YNET Autonomous Nu
20759 | ISU-JED KACST/ISU Jeddah Auton
34105 | ARIAVESATCOM-AS Ariave Satcom
If you know of a contact for these or did not receive a notification and would like to make sure your network is clean, please contact me off list.
I can get 6412 Kuwaiti Gulfnet. Do you have a URL or something you want
them to look at?
The rest are up and operational. Perhaps trying the role accounts
for abuse, sysop, root, etc. or the APNIC/RIPE database for contacts
might be useful.
-M<
Try Furhan Moidiin FURHANM@qtel.com.qa.
Doug Pearson
PGP: http://mypage.iu.edu/~dodpears/dodpears_pubkey.asc
Research and Education Networking ISAC
24x7 Watch Desk: +1(317)278-6630, ren-isac@iu.edu
web: http://www.ren-isac.net
Gadi Evron wrote:
Below are the top-7 ASN's that *we* have not been able to reach with our email notifications of CME-24/BlackWorm infected machines:
5416 | BATELCO-BH
6412 | KW Gulfnet International
8781 | QA-ISP Qatar Telecom (Q-Tel)
10029 | SPECTRANET FIRST FIBRE BROADBA
12486 | Teleyemen - YNET Autonomous Nu
20759 | ISU-JED KACST/ISU Jeddah Auton
34105 | ARIAVESATCOM-AS Ariave Satcom
Here are the next TOP unreachable ASN's to OUR notification attempts:
1215 ORACLE-NA-AS - Oracle Corporat
3215 AS3215 France Telecom Transpac
4776 "ANET-TH-AP A-Net Co. Ltd."
5080 ARAMCO-AS - Aramco
5087 ERX-LANKA-COM Lanka Communicat
6125 RNP / Centro Regional do Distr
6197 BATI-ATL - BellSouth Network S
6423 EASYSTREET-ONLINE - EasyStreet
7151 BAYAREA-AS - Bay Area Internet
7616 JINET-BKK-AS-AP Jasmine Intern
7633 SOFTNET-AS-AP Software Technol
8140 Instituto Federal Electoral (I
9038 NETS Autonomous System
9051 IDM Autonomous System
9326 CENTRIN-AS-AP PT Centrin Utama
9340 "INDONET-AS-AP INDO Internet P"
9730 BHARTITELESONIC-AS-IN-AP Bhart
9830 SWIFTONLINE-AS-AP SWIFT ONLINE
10029 SPECTRANET FIRST FIBRE BROADBA
10031 IASPIRE-ASN iASPire.net Pte Lt
10201 DWL-AS-IN Dishnet Wireless Lim
10217 NTT-NET-ID-AS PT. NTT Indonesi
12735 ASNETONE Netone Bilgi Ve Ileti
12978 DOGAN-ONLINE Dogan Iletisim El
14025 "EZL-DOT-COM - ezl dot com inc"
14710 COX-OMAHA - Cox Communications
14962 NCR-252 - NCR Corporation
15764 PEGASUS
15802 DIC-AS1 Dubai Internet City
15897 RTNET RTNET Autonomous System
16422 NEWSKIES-NETWORKS - New Skies
16642 OGILVY-MATHER-EU AS for Ogilvy
17439 NETMAGIC-AP Netmagic Datacente
17443 ESTELCOM-AP International Inte
17445 INTER-AS-QNET Lensodatacom Co.
17464 TMIDC-AP Hosting Services (MYL
17501 WLINK-NEPAL-AS-AP WorldLink Co
17625 BLAZENET-IN-AP BlazeNet_s Netw
17648 HECL-AS HUGHES ESCORTS COMMUNI
17747 ZIML-AP ZEE INTERACTIVE MUTIME
17754 EXCELL-AS Excellmedia
17884 UNINET-AP PT. Uninet Media Sak
17885 JKTXLNET-AS-AP PT Excelcomindo
18101 RIL-IDC Reliance Infocom Ltd I
18105 KARNET-AP Karuturi Networks Lt
18156 BITNET-ID-AP BITNET ISP AS
21050 FAST-TELCO kw.fast-telco Autno
21575 Millicom Peru S.A.
23679 NUSANET-AS-ID Media Antar Nusa
24020 "UITM-AS-AP University IT Sha"
24195 DHECYBER-AS-ID Dhecyber Flow I
24802 KEYCAB-AS KEYCAB AS for announ
26593 Telespazio Argentina
29918 AFRINIC African Network Inform
30998
Know of a working contact for these? Please contact me off-list.
Thanks,
Gadi.
Gadi Evron wrote:
Below are the top-7 ASN's that *we* have not been able to reach with our
email notifications of CME-24/BlackWorm infected machines:
<...>
Know of a working contact for these? Please contact me off-list.
For any you do get ahold of but-not-via-their ASN/Whois information, please politely ask them to update that on the community's behalf if they can 
29918 AFRINIC African Network Inform
Er, AFRINIC is the RIR for the whole african continent. If you get a
referral to AFRINIC go lookup whois.afrinic.net
> 10029 | SPECTRANET FIRST FIBRE BROADBA
5087 ERX-LANKA-COM Lanka Communicat
7633 SOFTNET-AS-AP Software Technol
9730 BHARTITELESONIC-AS-IN-AP Bhart
9830 SWIFTONLINE-AS-AP SWIFT ONLINE
10029 SPECTRANET FIRST FIBRE BROADBA
10201 DWL-AS-IN Dishnet Wireless Lim
17439 NETMAGIC-AP Netmagic Datacente
17443 ESTELCOM-AP International Inte
17501 WLINK-NEPAL-AS-AP WorldLink Co
17625 BLAZENET-IN-AP BlazeNet_s Netw
17648 HECL-AS HUGHES ESCORTS COMMUNI
17747 ZIML-AP ZEE INTERACTIVE MUTIME
17754 EXCELL-AS Excellmedia
18101 RIL-IDC Reliance Infocom Ltd I
18105 KARNET-AP Karuturi Networks Lt
No surprise - lots of networks from the indian subcontinent -
blackworm mostly spreading through india as you say. Post on
sanog@sanog.org asking about contacts, you'll find people on that
list.
Suresh Ramasubramanian wrote:
29918 AFRINIC African Network Inform
Er, AFRINIC is the RIR for the whole african continent. If you get a
referral to AFRINIC go lookup whois.afrinic.net
Been hoping for something more like...
18105 KARNET-AP Karuturi Networks Lt
No surprise - lots of networks from the indian subcontinent -
blackworm mostly spreading through india as you say. Post on
sanog@sanog.org asking about contacts, you'll find people on that
list.
Only actual contacts that won't over-extend us further. If you are on that list, can you please forward this message?
--
Suresh Ramasubramanian (ops.lists@gmail.com)
Thanks Suresh.
Gadi.