ARIN whois contact abuse from ipv4depot aka Silicon Desert International Inc

Thu Oct 12 17:48:58 UTC 2023

RIPE != ARIN

RIPE has a very lessez faire attitude towards network abuse and always has. It’s rather unfortunate.

ARIN, OTOH, has a clear understanding of their mandate, and they won’t pursue abuse outside of that mandate (e.g. general SPAM complaints, DDOS, etc.), but they will pursue complaints within their mandate pretty effectively (e.g. abuse of WHOIS data beyond the AUP, fraudulent address acquisition, incorrect WHOIS data, etc.)

YMMV.

Owen

> On Oct 12, 2023, at 09:59, Laura Smith via NANOG <nanog at nanog.org> wrote:
> 
> Honestly Mike I don't think they care.
> 
> I mean, most (all ?) of the registries still can't be bothered to validate the information the resource holders post to the database.  Last time I asked, e.g. RIPE about it, they basically said "not my problem guv" , pointed me to some policy document that said members should provide correct details and well, that was about it.
> 
> So if they don't do that, then what hope is there for them doing something about the harvesters ?
> 
> 
> ------- Original Message -------
> On Thursday, October 12th, 2023 at 17:08, Mike Hammett <nanog at ics-il.net> wrote:
> 
> 
>> Do we know if the organizations with key Internet resources (ARIN, RIPE, PeeringDB, etc.) have any honeypots in their arsenal? Obviously, publicly knowing about it kind of defeats the purpose of it, but that might be a way to help be proactive - make fake entries with unique contact information to catch those harvesting.
>> 
>> 
>> 
>> -----
>> Mike Hammett
>> Intelligent Computing Solutions
>> http://www.ics-il.com
>> 
>> Midwest-IX
>> http://www.midwest-ix.com
>> 
>> 
>> From: "Mel Beckman" <mel at beckman.org>
>> To: "Tom Beecher" <beecher at beecher.cc>
>> Cc: "nanog at nanog.org list" <nanog at nanog.org>
>> Sent: Thursday, October 12, 2023 11:01:20 AM
>> Subject: Re: ARIN whois contact abuse from ipv4depot aka Silicon Desert International Inc
>> 
>> Tom,
>> When an ARIN member violates their agreement and spams from ARIN’s databases, it’s not just an “Internet is fertile ground” deal. It’s a betrayal of a legal trust, one that demands accountability. I’m quite happy that ARIN promptly responds to these abuses, and gets results. That only works if victims report spam and compare notes. Let the “fertile ground” be elsewhere!
>> 
>>  -mel beckman
>> 
>> 
>>> On Oct 12, 2023, at 8:49 AM, Tom Beecher <beecher at beecher.cc> wrote:
>> 
>>> 
>>> 
>>>> It's ridiculous that they resort to scraping public lists and DBs to try and achieve what they're attempting to do.
>>> 
>>> 
>>> Everyone is always looking for information they can use to advance some agenda or purpose. The internet is fertile ground for that. Always has been, always will be. 
>>> 
>>> Not taking shots at anyone here, but I am boggled why this is a common public complaint. Block the sender and move on. 
>>> 
>>> On Wed, Oct 11, 2023 at 7:56 PM Peter Potvin via NANOG <nanog at nanog.org> wrote:
>>> 
>>>> Definitely have received this same spam multiple times and so have a few others I know. It's ridiculous that they resort to scraping public lists and DBs to try and achieve what they're attempting to do.
>>>> Regards,Peter Potvin | Executive Director
>>>> ------------------------------------------------------------------------------
>>>> Accuris Technologies Ltd.
>>>> 
>>>> 
>>>> On Wed, Oct 11, 2023 at 7:52 PM Eric Kuhnke <eric.kuhnke at gmail.com> wrote:
>>>> 
>>>>> Is anyone else receiving spam from this organization? Based on the contents of the cold solicitations they are sending us, and the addresses being sent to, they have scraped ARIN WHOIS data for noc and abuse POC contact info and recent ipv4 block transfers. 
>>>>> It's trivially easy to block their entire domain at the mail server level, of course...
>>>>> 
>>>>> 