Prefix hijacking by Michael Lindsay via Internap
Randy
randy_94108 at yahoo.com
Sun Aug 21 02:07:50 UTC 2011
Your claim Denis Spirin really-stinks!
./randy
--- On Sat, 8/20/11, Arturo Servin <arturo.servin at gmail.com> wrote:
> From: Arturo Servin <arturo.servin at gmail.com>
> Subject: Re: Prefix hijacking by Michael Lindsay via Internap
> To: "Denis Spirin" <noc at link-telecom.net>
> Cc: nanog at nanog.org
> Date: Saturday, August 20, 2011, 6:39 PM
>
> What's the prefix you claim is
> hijacked?
>
> /as
>
> On 20 Aug 2011, at 22:05, Denis Spirin wrote:
>
> > Hello All,
> >
> > I was hired by the Russian ISP company to get it back
> to the business. Due
> > to impact of the financial crisis, the company was
> almost bankrupt, but then
> > found the investor and have a big wish to life again.
> >
> > When I tried to announce it's networks, upstreams
> rejected to accept it
> > because of Spamhaus listings. But our employer sworn
> there is not and was
> > not any spamming from the company. The Spamhaus lists
> all our networks as
> > spamming Zombies. And it IS announced and used now!!!
> The announce is from
> > American based company Internap (AS12182). I wrote the
> abuse report them,
> > but instead of stop unauthorized announces of our
> networks, I was contacted
> > by a person named 'Michael Lindsay' - he tell me he
> buy our networks from
> > some other people and demand we get back our abuse
> reports. Of course, we
> > don't. After a short googling, I found this is
> well-known cyber crime
> > person: http://www.spamhaus.org/rokso/listing.lasso?file=818&skip=0,
> and he
> > did IP hijacking with the fake letter of authorization
> before:
> > http://www.spamhaus.org/rokso/evidence.lasso?rokso_id=ROK8686
> so our company
> > is not a first victim of him. Yes, our company "help"
> him with the mistake
> > of loosing old domain link-telecom.biz he was also
> squatted. This domain was
> > listed as contact at RIPE Database.
> >
> > It is a good topic why these easy-to-forge LOAs is
> still in use, as
> > RADB/RIPE DB/other routing database with the password
> access is a common
> > thing. But this is not the main thing. The main thing
> is why Internap helps
> > to commit a crime to the well-known felony person, and
> completely ignores
> > our requests? Is there any way to push them to stop
> doing that immediately?
> > If anybody can - please help...
>
>
>
More information about the NANOG
mailing list