Lightly used IP addresses

Fri Aug 13 22:21:56 UTC 2010

Sounds like your place is where the spammers should camp out....

Here I know we have eaten costs of term liability and cancelled contracts more than the dollar figures you have mentioned below to keep the net clean. Sad that it appears you may not be willing to put the money where your mouth is. 

If anyone sees us (2914) routing space of this sort and does not get a favorable response let me know in private. I will personally follow up on any issues. I may not be able to respond due to customer privacy issues but surely we need to be aware of badness so we can clean it up. 

Hope you are in the same position to clean up and terminate people that pose the risk to the Internet. 

Jared Mauch

On Aug 13, 2010, at 5:25 PM, Ken Chase <ken at sizone.org> wrote:

> On Fri, Aug 13, 2010 at 05:00:04PM -0400, Jared Mauch said:
>> I know of several large providers that would stop routing such "rogue" space. 
> 
> Really? They'd take a seriously delinquent (and we're only talking about non
> payment after several months to Arin, not spammers or other 'criminal'
> elements) that's still paying for their transit and cut off their prefix
> announcements? I dont know that that's true for most outfits in these tough
> times. Nixing a $5000 or $10000+ MRC revenue stream probably requires some
> hard thought at high levels in most outfits.
> 
>> Any provider that isn't prepared to deal with such a possible customer
>  threat or problem you don't want to be associating with. They likely harbor
>  other badness as well.
> 
> Possibly, but this isnt that much of a gateway drug. I know lots of companies
> in a financial crunch right now, and if losing the i-a.a reverse is the only
> effect of being late on a payment 'til the sun starts shining again' when
> their own customers start making good on old invoices, then I think many
> others would choose to delay paying ARIN instead. 
> 
> When things get tough, payables are readily triaged into high and low
> priority. Perhaps NOC peeps on this list arent exposed to such decisions made
> in other departments - we run a small operation here so we're all part of such
> things. Some harsh realities in business sometimes!
> 
> In many cases I suspect ARIN ends up as low priority, without any criminal
> mindset in operation putting them there - some of these operators might even
> be altruistically thinking of their employees too - we know how fast service
> goes stale in a multi-day outtage - losing connectivity may mean employees are
> soon not paid and literally go hungry. So most outfits will pay their
> upstreams before ARIN - and they can keep their revenue streams going and pay
> their employees - and in the long run, one day maybe pay ARIN too. Who
> disagrees? Go from that example to paying for power/colo, phone, etc and tell
> me where ARIN is on your triage list during a cashflow event.
> 
>> It may take some time to catch up to them but we have seen more of these
>  rogue elements end up with people refusing to sell to them or law
>  enforcement taking some action.
> 
> I know of a few such entities that are semi-chronically late in paying ARIN,
> but they still havent taken on spammers or Chinese intelligence
> operations/cyberwar plaforms as customers yet, despite your broken broken
> window/gateway drug analogy. It aint all black and white, there's lots of gray
> out there, and organizations that are forced into unfortunate circumstance
> through current economics, possibly mismanagement and cluelessness too, but
> without any malice at work.
> 
>> If your management does not realize they are buying from possible
>  criminals, you get what you pay for.
> 
> If the criminals all wore t shirts that said they're part of the club that'd be easy.
> When a company is having a cashflow issues, I'd say they're just in a very big club.
> If they manage to pay me, I dont ask any questions about the ethics of their triaging
> of other payables.
> 
>> I've found a number of cases where providers are actually doing mitm and
>  stealing SIP credentials for fraud. Make sure you actually have good
>  controls and communication for when things hit the fan....
> 
> Examples of shitty fans, and controls? just want a better idea of what you're referring
> to.
> 
> /kc
> -- 
> Ken Chase - ken at heavycomputing.ca - +1 416 897 6284 - Toronto CANADA
> Heavy Computing - Clued bandwidth, colocation and managed linux VPS @151 Front St. W.