Interesting Point of view - Russian police and RIPE accused of aiding RBN
noc.akrino at gmail.com
Sat Nov 7 15:58:39 CST 2009
Hello, Jeffery and other NANOC members.
Sorry for making another thread - I'm not too experienced in mailgroups.
The problem is in structure of new generation advert or banner networks -
they allow to return other subject traffic to the partner's URL. And this
could also be used to redirect the traffic to different exploits (a simple
way to compromise a banner network or hosting provider). This is extremely
hard to monitor or to take preventive measures in case of a large banner or
advert network. Unfortunately Google doesn't provide a detailed report on
their check results: this could allow the resource's owner easily block
their partners in that case.
Anyway I'll contact the owner of this resource (188.8.131.52) now in order
to perform a check of their partners. I suppose, just having a few domains
would be enough.
The other resource is situated on the public ip of our reseller - I'll ask
him to check this domain, too.
Thank you for that information, I'll report on that issue later.
Akrino Support Team
2009/11/7 Jeffrey Lyon <jeffrey.lyon at blacklotus.net>
> Can you please detail your plans to correct the malware issues on your
> network? (reference:
> http://google.com/safebrowsing/diagnostic?site=AS:44571 ).
> Best regards, Jeff
> [offlist communication snipped for privacy]
> > Kanak
> > Akrino Abuse Team
> Jeffrey Lyon, Leadership Team
> jeffrey.lyon at blacklotus.net | http://www.blacklotus.net
> Black Lotus Communications of The IRC Company, Inc.
> Platinum sponsor of HostingCon 2010. Come to Austin, TX on July 19 -
> 21 to find out how to "protect your booty."
More information about the NANOG