Yet more hijacked space? -

arincop at arincop at
Sun May 4 07:05:13 UTC 2003

Since were on the topic of hijacked ipspace, i find myself wondering

"Deru, the name you can trust, from people you can trust." - Quoted from

Ok, so this is the name you can trust, from the people you can trust,
 right?  Well then, why would it appear that, the local ISP
you can trust is using hijacked ip space?

It would appear as if is using: has address

My handy dandy whois tool tells me this range belongs to:

OrgName:    Datability Software Systems, Inc.
OrgID:      DERU
Address:    14982 N 83rd PL Ste 201
City:       Scottsdale
StateProv:  AZ
PostalCode: 85260
Country:    US

NetRange: -
NetName:    DSS1
NetHandle:  NET-140-99-0-0-1
Parent:     NET-140-0-0-0-0
NetType:    Direct Allocation
NameServer: NS1.DERU.NET
NameServer: NS2.DERU.NET
RegDate:    1990-04-12
Updated:    2001-08-01

TechHandle: DW19-ARIN
TechName:   Wayrynen, Darin
TechPhone:  +1-480-998-7237
TechEmail:  darin at

Before this network was modified it contained: Datability Software Systems, Inc. NET-DSS1 322 Eighth Avenue
New York, NY 10001 US      C                DSS1
 Rupp, Richard L. (RLP39)        rich at PLUTO.DSS.COM
   (201) 438-2400

Handy dandy route-server tells us:>sh ip bgp l
BGP table version is 2788023425, local router ID is
Status codes: s suppressed, d damped, h history, * valid, > best, i -
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*>i140.99.0.0                100      0 1239 11588
2 7136 i
* i                       100      0 1239 11588
2 7136 i
*>i140.99.96.0/19                100      0 1239 11588
2 i
* i                       100      0 1239 11588
2 i
* i140.99.120.0/22                100      0 1239 11588
2 26978 i
*>i                       100      0 1239 11588
2 26978 i>

And once again, handy dandy whois tool tells us:

OrgName:    Only Networking Inc. (ONLY2-DOM)
OrgID:      ONIO
Address:    3443 North Central, 17th Floor
City:       Phoenix
StateProv:  AZ
PostalCode: 85013
Country:    US

ASNumber:   7136
ASName:     ONLY
ASHandle:   AS7136
RegDate:    1996-09-16
Updated:    1996-09-16

TechHandle: DW19-ARIN
TechName:   Wayrynen, Darin
TechPhone:  +1-480-998-7237
TechEmail:  darin at

Im finding it odd that not a single thing, other than the POC email for
a questionable /16 and the ASN announcing questionable /16 has anything
to do with

Also, my friend google tells me this:,


So it would appear that Datability Software Systems, Inc. was located
in Natick, Mass, and became Penril Datability Networks


It now appears that Penril Datability Networks was split up, with thier
assets being aquired by Bay Networks, and Access Beyond.


That leaves us with Access Beyond, a manufacturer of remote access telecom
products.  And whose website is now owned by a cybersquatter.

Now the question at hand is, at which point did this hardware company
become, the Internet Service Provider you can trust? was this
before, or after Penril Datability Networks Inc/Bay Networks/Access Beyond.?

Did everyone decide to move to arizona and start an ISP? or is this just
another example of IP hijacking that we all find ourselves taking a look

Can provide documents that say they bought or were aquired by
Datability Software Systems, Inc/Penril Datability Networks/Bay Networks/Access

There are other companies using this address space ( but
they dont have the appearance of owning a possibly hijacked /16


IP Police

Concerned about your privacy? Follow this link to get
FREE encrypted email: 

Big $$$ to be made with the HushMail Affiliate Program:

More information about the NANOG mailing list