ARIN Fraud Reporting Form ... Don't waste your time

• Previous message (by thread): ARIN Fraud Reporting Form ... Don't waste your time
• Next message (by thread): ARIN Fraud Reporting Form ... Don't waste your time
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> 
> So what you're saying is that ARIN should publish data on the rightful
> users of the number resources in some online database?
> 
> (maybe they could call it WHOIS)
> 
> --
> Dave

So ARIN is in the process of verifying their contacts database.
Organizations with an unreachable contact might be a good place to plant
a "dig here" sign.

Maybe when one of us retires, we could engage in a little research
project as a community service or something. A first step might be
matching ASN resources to unreachable contacts.  Then to collect the low
hanging fruit, find the ASNs found above that are NOT in the routing
table and attempt to match those up with organizations and see if those
organizations even still exist.  For the ones that obviously no longer
exist, create a report of the ASNs and any other number resources
associated with that organization and provide that information to the
registrar.  

Then you go through the ones that ARE in the routing table.  Any of
those organizations that are obviously defunct would be the next higher
level of fruit.  This would be particularly true if a historical look at
routing information shows the AS was in the table at some point,
disappeared after the organization went defunct, and then suddenly
appeared again in a completely different region of the planet with name
resources pointing to a completely different organization than the
number resources.  Then if a suspicious operator is discovered, it must
be reported to their upstream, the registrar with involved with the
number resources, and the community.

See how this goes?  It takes someone working on this that has access to
a lot of information and has the time to do it.  It also has to be
someone that isn't a "loose cannon" and can dig through it in a
methodical fashion and whether or not "spam" has come from the address
space really has no bearing on the process.  At least it has no bearing
on the process up to that point.  All that is being done is to "weed"
the database of defunct resources.  

So while the DMV doesn't go after car theft, this is more along the
lines of stealing a neighbor's license plate from that old car in the
back field, making a sticker to put on it, and driving around as if it
is a legitimate plate.  The DMV records would show who that license
plate belongs to and a police officer in a traffic stop would find out
in short order that the plate is defunct but the database available to
internet operators is so poor that there really is no way to be sure if
the data being returned is actionable or not.

G

• Previous message (by thread): ARIN Fraud Reporting Form ... Don't waste your time
• Next message (by thread): ARIN Fraud Reporting Form ... Don't waste your time
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]