Russian aligned ASNs?

Mon Feb 28 17:54:02 UTC 2022

They have the skills and the ability to stop it but the people who report the traffic represent 0% of their revenue so they could care less.    It’s the same actors every single day.   Microsoft,  Amazon, Google, Phychz Networks, Digital Ocean, etc. that spew garbage from their networks.   For a while we would send abuse reports because management felt it would do nothing even though we told them it wouldn’t.       Out all of the reports sent I only ever saw one response that wasn’t a canned response and it was from Microsoft that basically said “Yea, we know it’s an issue but they pay us and you don’t so block it yourself”.

Of course it it’s your customer that’s sending them crap traffic they will go nuclear if you don’t remove the offending traffic in .1337 seconds.

-richey

From: Mike Hammett <nanog at ics-il.net>
Date: Monday, February 28, 2022 at 10:43 AM
To: richey goldberg <richey.goldberg at gmail.com>
Cc: North American Network Operators Group <nanog at nanog.org>
Subject: Re: Russian aligned ASNs?
So the providers most likely to have the skills and capabilities to automate abuse mitigation are the least likely to do anything about it, even when asked?

</sarcasm>

-----
Mike Hammett
Intelligent Computing Solutions<http://www.ics-il.com/>
[http://www.ics-il.com/images/fbicon.png]<https://www.facebook.com/ICSIL>[http://www.ics-il.com/images/googleicon.png]<https://plus.google.com/+IntelligentComputingSolutionsDeKalb>[http://www.ics-il.com/images/linkedinicon.png]<https://www.linkedin.com/company/intelligent-computing-solutions>[http://www.ics-il.com/images/twittericon.png]<https://twitter.com/ICSIL>
Midwest Internet Exchange<http://www.midwest-ix.com/>
[http://www.ics-il.com/images/fbicon.png]<https://www.facebook.com/mdwestix>[http://www.ics-il.com/images/linkedinicon.png]<https://www.linkedin.com/company/midwest-internet-exchange>[http://www.ics-il.com/images/twittericon.png]<https://twitter.com/mdwestix>
The Brothers WISP<http://www.thebrotherswisp.com/>
[http://www.ics-il.com/images/fbicon.png]<https://www.facebook.com/thebrotherswisp>[http://www.ics-il.com/images/youtubeicon.png]<https://www.youtube.com/channel/UCXSdfxQv7SpoRQYNyLwntZg>
________________________________
From: "richey goldberg" <richey.goldberg at gmail.com>
To: "North American Network Operators Group" <nanog at nanog.org>
Sent: Thursday, February 24, 2022 9:16:13 PM
Subject: Re: Russian aligned ASNs?
I don’t think that refusing Russian ASNs will do much to stop any kind of attacks.   They are going to attack from botnets that are global so that’s not going to stop them.    If anything blocking Russian ASNs will stop the flow of information going into Russia.     I think we’re better off doing what we can to take down any machines that are participating in attacks if they live on machines that are downstream from you.   One of the biggest issues I face in my daily tasks is getting other provers to take down machines.   I’m talking to you Microsoft, Amazon, Digital Ocean and the likes…..

-richey

From: NANOG <nanog-bounces+richey.goldberg=gmail.com at nanog.org> on behalf of William Allen Simpson <william.allen.simpson at gmail.com>
Date: Thursday, February 24, 2022 at 7:41 PM
To: North American Network Operators Group <nanog at nanog.org>
Subject: Russian aligned ASNs?
There have been reports of DDoS and new targeted malware attacks.

There were questions in the media about cutting off the Internet.

Apparently some Russian government sites have already cut themselves
off, presumably to avoid counterattacks.

Would it improve Internet health to refuse Russian ASN announcements?

What is our community doing to assist Ukraine against these attacks?

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20220228/b7016c3b/attachment.html>