US DOJ victim letter

bmanning at vacation.karoshi.com bmanning at vacation.karoshi.com
Sat Jan 28 10:30:47 CST 2012


On Fri, Jan 27, 2012 at 10:20:08PM -0500, Martin Hannigan wrote:
> On Fri, Jan 27, 2012 at 1:32 PM, Randy Epstein <nanog at hostleasing.net> wrote:
> >
> >
> > On 1/27/12 1:23 PM, "Valdis.Kletnieks at vt.edu" <Valdis.Kletnieks at vt.edu>
> > wrote:
> >
> >>On Fri, 27 Jan 2012 13:16:27 EST, Bryan Horstmann-Allen said:
> >>
> >>> Bit odd, if it's a phish. Even more odd if it's actually from the Fed.
> >>
> >>What if it's a phish from a compromised Fed box? :)
> >
> > We've spoken to folks at various FBI field offices and at 26 Plaza in New
> > York which is handling this case.  Further, John Curran (ARIN CEO) has
> > confirmed it's real via their own liaison and Paul Vixie is actually
> > working with them on this.
> >
> 
> 
> It's definitely real.
> 
> Best,
> 
> -M<
> 

	I missed the part where ARIN turned over its address database w/ associatedd
	registration information to the Fed ... I mean I've always advocated for 
	LEO access, but ther has been significant pushback fromm the community on
	unfettered access to that data.  As I recall, there are even policies and
	processes to limit/restrict external queries to prevent a DDos of the whois
	servers.  And some fairly strict policies on who gets dumps of the address
	space.  As far as I know (not very far) bundling the address database
	-and- the registration data are not available to mere mortals.

	So - just how DID the Fed get the data w/o violating ARIN policy?

/bill




More information about the NANOG mailing list