I welcome any further comments you have.
We have to get past people such as yourself, and your blasphemous and false statements.
This is the same issue with the recent media and self-proclaimed "Security Researchers". Fly-by-night mind you.
To help you out in your claims:
Yes, we did house a client whom had quite a run with their client's from various locations, such as Russia.
That Client is no longer hosted on our network. I myself spent all of monday afternoon, night, and tuesday morning shutting off EVERY machine they had leased in our Billing System. I'm currently working to scan further and see if there's anything I may have missed.
Yes, Russia is very well known for Virus and Malware writer's.
Yes, we have had issues with malware distribution from our network.
This was directly and near singularly related to the former client of ours. We did have another client, Hostfresh, whom had their share of malware issues.
Both have been completely and effectively removed. The server's leased to both of them have been canceled, and their machines have been shutoff.
Let me know if there's anything else you'd like me to state to the public.
We're on a rocky road right now. But it IS starting to smooth out.
Ferg was just being coy -- what you don't understand is there are about 3 other
security mailing lists plotting to TAKE YOUR SERVICE DOWN. You FAIL. Law
Enforcement might not take action against you (but appear to be interested now),
but the community can. GET OFF THE NET WITH YOUR MALWARE!
You mistake me for someone who believes you pack of lies! Don't you
understand each
time you post to this list gives those of us who know the opportunity
to post MORE EVIDENCE
of your MALWARE?
You disconnected Hostfresh and think that's the extent of your cimes?
Gimme a break.
Only those who are easily socially engineered would believe your
pathetic claims of innocence.
You've BEEN HOSTING MALWARE since 2003 -- SEE Nanog post:
With regards to the "prefix shuffle" to Cernel, I think that speaks for
itself.
With regards to "...another of Emil's networks...", I don't believe that to
be true. In fact, I think Emil is just a pawn in this entire mess.
It is clear to me -- at least -- that this entire criminal operation is
being operated out of Eastern Europe, and their foothold in the U.S. is the
major issue here.
This is the major heartburn -- ISPs and network operators in the U.S. seem
not to care about these issues, and it becomes an 'unpopular' effort to
purge these activities in this audience.
It is clear to me -- at least -- that this entire criminal
operation is being operated out of Eastern Europe, and their
foothold in the U.S. is the major issue here.
If you believe that this is a criminal operation then you
should keep this discussion OFF THE LIST and discourage
anyone from taking any action against the bad guys that
might disrupt evidence gathering. If this is a criminal
matter, then it is best to keep quiet, collect good evidence,
and go to court. Better to get a court injunction ordering
them to stop sending malware, and then collect evidence
showing that they violated the injunction. To do this,
they need to have functioning upstream connections to your
network.
NANOG is not the place to discuss these things.
None of this is network operational. The whole discussion
amounts to a shouting match between vigilantes and their
victims. Some of those victims might also be bad guys, but
a shouting match on NANOG does not prove this one way or
the other.