North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re[2]: Open relays and open proxies

  • From: Richard Cox
  • Date: Fri Apr 25 15:10:53 2003

On Fri, 25 Apr 2003 16:03 (UT), Joe St Sauver <[email protected]>
wrote:

| And of course, no-more-viruses.com is a perfect example of a domain
| whose web site obtains transit from that fabulous far eastern
| "bulletproof ASN", AS9929. For context, AS9929 also has provided
| transit for hosts from a few other domains you may recognize

{SNIP!}

| I believe that to make progress on the let's-go-after-their-web-hosting
| approach, you'll need to convince AS9929's upstreams, Sprint and Cable
| and Wireless, to pull the plug (which they probably won't do) or at least
| convince them to enforce an acceptable use policy on their customers
| (which they can only do if they're willing to pull the plug for
| non-compliance, which I don't believe they're willing to do in this case).

According to the CIDR report there are rather more than two upstreams.
Apart from Sprint and Cable and Wireless, they include ...

    AS1       GNTY-1 Genuity
    AS2516    KDDI KDDI CORPORATION
    AS3549    GBLX Global Crossing
    AS3356    LEVEL3 Level 3 Communications, LLC
    AS701     ALTERNET-AS UUNET Technologies, Inc.

| But hey, I'd love to be proven wrong.

I'd love to be able to do that.  But I can get to halfway, as I believe
those comments are no longer valid where Sprint is concerned.  They may
have been based on Sprint's historic notoriety, but Sprint has seen major
changes in th last year.

When I was recently investigating the hijacked /16s, for each case that
we identified that was being announced over Sprint, those announcements
were filtered by Sprint within *ten minutes* of my initial phone call.

That does _not_ sound anything like an abuse-tolerant network to me.

As far as Cable and Wireless are concerned, it would be difficult for
them to complain of abuse tolerance by a downstream while their own
hosting company, Exodus, is considered unresponsive on abuse matters.

If they did it would no doubt be a case of "Pot, Kettle, Black Hat"!

-- 
Richard Cox