Hello,
It's pretty disheartening to see the way this situation was dealt with. =
To this day as I am writing this e-mail I have not received any phone =
calls or even e-mails on what was done wrong and how it should be =
handled. Everything was done behind our backs by the people that have =
the power to cause problems knowing that I will have no recourse. It =
takes a few seconds to place a phone call and give guidance on the =
situation. Especially by the likes of HE which we have given business =
to and continue to give business to. =20
Well I guess that there is no point in going on with this topic. =
Officially I am declaring surrender and victory to the people that have =
chosen to cause so much harm. Would like to thank all of you that have =
given support and e-mailed me with how to obtain correct allocation from =
ARIN. And the wheels are already in motion and will be completed next =
week.
Hopefully Atrivo and myself are not blacklisted in this group, since we =
caused nobody any harm. We did follow all the guidelines that Arin has =
put in place, but now it's my understanding that due to our size only a =
direct allocation makes any sense.
Thanks and let's all try to help each other and not go against each =
other. It will make our lives just that much easier! =20
Atrivo - Web Innovation
Emil Kacperski
Phone: 925-550-3947
E-mail: emil@atrivo.com
ICQ: 23531098
I had heard that Atrivo had squatted some space from Ready Systems
(138.121.0.0/16) that was an abandoned wasteland. I had also heard that
this was brought to the attention of everyone who was squatting that
space.
Now, my information may be wrong, however I consider the source to be
quite reliable.
If my information _is_ reliable, things weren't done behind anyone's
back, and this wouldn't be the first instance of questionable behaviour.
I don't think you are at all wrong; at this time Atrivo (AS) are still
announcing blocks in three Class B's that are assigned to other people:
138.121.0.0/16 listed as Ready Systems
146.100.0.0/16 listed as Zust-Ambrosetti (in Italy)
170.208.0.0/16 listed as Los Angeles County ISD
Here are the full current routing tables for those blocks ...
138.121.16.0/21 10912 Internap
138.121.52.0/24 16631 Cogent
138.121.53.0/24 16631 Cogent
138.121.56.0/22 16631 Cogent ***
138.121.128.0/19 26346 27595 Atrivo
138.121.224.0/20 6939 Hurricane Electric
170.208.0.0/24 16631 Cogent
170.208.0.0/20 4474 27595 Atrivo
170.208.6.0/24 16631 Cogent
170.208.7.0/24 16631 Cogent
170.208.8.0/24 16631 Cogent
146.100.32.0/19 4474 NLayer
146.100.48.0/20 4474 27595 Atrivo
146.100.64.0/19 4474 NLayer
I have successfully pinged one IP in each of the blocks in that list,
so I am fully satisfied that all the blocks are live and being routed.
I personally telephoned Cogent's NOC two days ago to ensure they were
aware of the situation; I also attempted to reach Michael J. Hammons
(Sr. Director of Operations at Cogent) when no action was taken, but
was unable to reach him and my call was not subsequently returned.
I hope to have some helpful news of a short term remedy fairly soon.
I see some of the 138.121 space on my network, I'll remove that right away.
You may remove any 138.121.0.0/16 space transiting 26346 I just removed it
all.
Atrivo is presently only transiting 69.1.78.0/24 via 26346 which is space I
assigned him from my netblock.
You might want to have a look at 65.77.130.0/24 and AS26458 while you at
it:
http://www.spamhaus.org/sbl/listings.lasso?isp=wworks.net&-nothing=Search
However if we are going to go over every stolen and spammer network one
by one in nanog this is going to take years. People might want to start
going here:
http://www.spamhaus.org/sbl/index.lasso
and checking to see if they have (and how many) entries they have under
"Find Listings under: " for their company. There is a good likelyhood that
listings their are actual spammers (perhaps with stolen netblocks) as SBL
has a pretty low false positive rate.
I notice a few recent posters to here (in other threads) have entries some
of which are the yellow ones indicating known spam gangs.
I don't mean to hijack the thread, but as an early victim of 69/8 space,
are you still getting many complaints from customers about reachability
issues from that space? According to
http://69box.atlantic.net/cgi-bin/bogon
there are still hundreds of networks with outdated bogon filters
blocking/ignoring 69/8.
Please, hijack away with the anonymous cowards posting and the witch hunt
its become pretty useless.
However, my self the complaints have entirely stopped. We haven't had an
issue of reachability brought up now since the very tail end of 2002. Rob
Thomas can probably speak to reachability better. I believe he was going to
do some testing on reachability and colocated some boxes on 69/8 space. I'd
have to say though there has been real movement in this area.
----- Original Message > On Sat, 3 May 2003, Scott Granados wrote:
> You may remove any 138.121.0.0/16 space transiting 26346 I just removed
it
> all.
>
> Atrivo is presently only transiting 69.1.78.0/24 via 26346 which is
space I
However, my self the complaints have entirely stopped. We haven't had an
issue of reachability brought up now since the very tail end of 2002. Rob
Thomas can probably speak to reachability better. I believe he was going to
do some testing on reachability and colocated some boxes on 69/8 space. I'd
have to say though there has been real movement in this area.
I actually did that shortly after ARIN issued a block of 69/8 to
Atlantic.Net and posted the live results at the URL I'd mentioned.
We're down to about half the number of hosts behind 69/8 filters as when I
first completed the ping sweep that this data is based on, but there are
still hundreds of unreachable networks.
[snip]
I personally telephoned Cogent's NOC two days ago to ensure they were
aware of the situation; I also attempted to reach Michael J. Hammons
(Sr. Director of Operations at Cogent) when no action was taken, but
was unable to reach him and my call was not subsequently returned.
based on Cogent's apparent unwillingness to terminate their spamming
customers (AS7869 - RelayPoint; but see also
The Spamhaus Project),
this comes as not much of a surprise to me, at least.
*grumble*
Actually, that does come as a surprise to me.
They used to have a fellow who worked the abuse desk. Dave something I
appologise I can't remember his last name. He was very good at follow-up
and followed up on everything from spam complaints to infected machines,
worms etc. I have no idea if he's still there but he was quite good and I
would think they would respond to this issue.
At one time Cogent did take spam very seriously but maybe that's changed.
They used to have a fellow who worked the abuse desk.
Dave something I apologise I can't remember his last name.
He was very good at follow-up and followed up on everything
from spam complaints to infected machines, worms etc.
They (Cogent) did indeed have David Harlow as Supervisor of their Abuse
team until very recently indeed. David had achieved almost-universal
industry respect for what he had managed to achieve at Cogent.
I have no idea if he's still there
I understand from both sides that David left Cogent on amicable terms;
I'm obviously not at liberty to say where he went but I would regard
his new position as a positive career move!
one time Cogent did take spam very seriously but maybe that's changed.
You are absolutely right. I have since managed to reach Cogent at the
right "level" and was able to ensure they are now aware of the problem.
Cogent has now removed a lot of the routing but despite the assurances
Emil Kacperski gave us here, Atrivo are still announcing the Los Angeles
County ISD bloc (170.208.0.0/16), this time via NLayer ...
138.121.16.0/21 10912 Internap
138.121.52.0/24 16631 Cogent
138.121.53.0/24 16631 Cogent
138.121.56.0/22 16631 Cogent
138.121.128.0/19 16631 27595 Atrivo via Cogent
138.121.224.0/20 6939 Hurricane Electric
170.208.6.0/24 4474 27595 Atrivo via NLayer
170.208.7.0/24 4474 27595 Atrivo via NLayer
170.208.15.0/24 4474 27595 Atrivo via NLayer
146.100.32.0/19 4474 27595 Atrivo via NLayer
146.100.48.0/20 4474 27595 Atrivo via NLayer