Latest instalment of the "hijacked /16s" story

Another legacy /16, after the previous one - the sf bay packet radio /16

http://www.47-usc-230c2.org/chapter3.html

This time 128.168/16 - and by the same group that seems to have acquired
control of the earlier one.

--srs

Is the whole AS (33302) rogue like the AS advertising the SF Bay Packet Radio block is? Looking at the WHOIS for some of the prefixes advertised by both ASs, I see some common company names. That would lead me to believe that 33302 is no better than 33211 but I can't confirm that. Any takers?

Justin

Suresh Ramasubramanian wrote:

Not sure. The AS announces some more but an arin query for DATA102
simply has this /16 and a smaller netblock

That 47-usc site is not mine either .. it's by Ron Guilmette,
interviewed in the Wash Post -
http://blog.washingtonpost.com/securityfix/2008/04/a_case_of_network_identity_the_1.html

suresh@frodo 22:17:45 <~> $ whois -h whois.arin.net Data102*
Data102 Abuse Team (DAT13-ARIN) abuse@data102.com +1-719-578-8842
Data102 Network Ops (DNO44-ARIN) netops@data102.com +1-719-578-8842
Data Works Inc DATA102984 (NET-63-243-82-144-1) 63.243.82.144 - 63.243.82.159
Gold Hill Computers DATA102 (NET-128-168-0-0-1) 128.168.0.0 - 128.168.255.255

Suresh Ramasubramanian wrote:

> Another legacy /16, after the previous one - the sf bay packet radio /16
> http://www.47-usc-230c2.org/chapter3.html
> This time 128.168/16 - and by the same group that seems to have acquired
> control of the earlier one.

luckily, there is no black market in address space. or at least so the
theory goes on arin and ripe public policy lists.

randy

And there is also no black market in credit card, social security, and
PIN numbers.

"See no evil, hear no evil, fear no evil"

> http://www.47-usc-230c2.org/chapter3.html
> This time 128.168/16 - and by the same group that seems to have
> acquired control of the earlier one.

> luckily, there is no black market in address space. or at
> least so the theory goes on arin and ripe public policy lists.

No, the theory goes that there *IS* a black market and changing ARIN
or RIPE policies to make it a white market would be a bad idea. Better
to help ARIN to document the fact that this is not a valid allocation
so that they can recover the block.

--Michael Dillon

[snip]

"See no evil, hear no evil, fear no evil"

The (human) operators who cared have been pushed out by the
(corporate) operators who would rather disavow responsibility,
turn up quickly, and book the revenue instead of vetting any
customer claims for basis in fact or reason. Customer
filtering -even when black hats drive an AS- is Not Hard if
the backbones (nets) displayed actual backbone (spine).

I would argue the same for any/all security issues. If people would just shut off $VALUE, we'd have a lot fewer problems on the network. I will concede the problem is making it scale and viable for some parties. The ones that don't make the inherent security of the global network a priority are dragging the average down.

  - jared

VALUE = ( infected host ip/customer, route leaker/hijacker, nonfiltering customer, ... )

> The (human) operators who cared have been pushed out by the
> (corporate) operators who would rather disavow responsibility,
> turn up quickly, and book the revenue instead of vetting any
> customer claims for basis in fact or reason. Customer
> filtering -even when black hats drive an AS- is Not Hard if
> the backbones (nets) displayed actual backbone (spine).

there is a reason i am in japan. well, many actually.

randy