23,000 IP addresses
nenolod at systeminplace.net
Tue May 10 09:37:23 CDT 2011
On Tue, 10 May 2011 10:22:03 -0400
Christopher Morrow <morrowc.lists at gmail.com> wrote:
> On Tue, May 10, 2011 at 10:15 AM, Scott Brim <scott.brim at gmail.com>
> > On Tue, May 10, 2011 at 09:42, Leigh Porter
> > <leigh.porter at ukbroadband.com> wrote:
> >> So are they basing this on you downloading it or on making it
> >> available for others?
> > Without knowing the details, I wouldn't assume any such level of
> > competence or integrity. It could just be a broad witch hunt.
> I know of a decent sized global ISP that ran (runs?) a large darknet
> that was the equivalent of a few /16's routed to a fbsd host running
> 'tcpdump' (a tad more complex, but essentially this). BayTSP (one of
> the 'make legal threats for the mpaa/riaa' firms) sent ~2k notes to
> the ISP about downloaders on these ips.
> Looking at netflow data (sample 1:1 on that interface) they had
> portscanned (from ip space registered in their name) each address in
> the range and sent subpoena-material to all ips that they thought they
> got a response from.
> At least baytsp got theirs? (money I mean)
Do you have any links to evidence of this? I would love to just be
able to automatically throw BayTSP mails in the garbage, but I can't
just blindly do it if there is any chance of them being legitimate.
More information about the NANOG