Botnets buying up IPv4 address space

Jeroen Massar jeroen at unfix.org
Wed Oct 12 12:41:36 CDT 2011


On 2011-10-12 19:34 , Carlos Martinez-Cagnazzo wrote:
> I don't buy the "bad-guys-rig-policies" thing... but well, I could be wrong.

Rigging is not the right name for it, which is why the original message
stated 'gaming', which is quite accurate. You just set up an official
(shell) company and thus get official papers for it and with that you go
to RIPE NCC (or any other RIR or LIR) and request a new chunk of address
space just like every other organization is able to do. Nothing much
that RIPE NCC can do about, as all the paperwork will check out just
fine and they will generally even pay the fees as well, they are making
money off it.

[..]
> My logs show that I get spam over IPv6, so some bad guys might be
> already doing it.

Spam will come over every path possible. If a compromised machine has
IPv6, it will thus also come over IPv6 if your MXs are reachable over
it. Just repeat: Long live SpamAssassin ;)

Greets,
 Jeroen



More information about the NANOG mailing list