North American Network Operators Group

Re[2]: The in-your-face hijacking example, was: Re: Who is announcing bogons?

  • From: Richard Cox
  • Date: Wed Apr 30 18:29:51 2003

On Wed, 30 Apr 2003 16:46 (UT), Scott Granados <[email protected]> wrote:

| Clearly someone or something at Arin has given authority to this block
| to be used and that authorized figure has requested service from us.

I wouldn't say it was at all clear that "someone or something" at ARIN
has given any authority for anything.  Some - indeed several - records
at ARIN have clearly been changed - fairly recently (the handle ISC1 on
2003-03-05, and the Netblock 170.208.0.0/16 on 2003-03-04, AS 27595 on
2003-04-07) - but netblock 170.208.0.0/20 was created before any of that,
on 2003-01-23, and has AFAICT not changed since then.

Previously ISD-1 showed:

OrgName:    ISD
OrgID:      ISD-1
Address:    1324 South Ridge Parkway (Mapquest confirms no such address)
City:       Beverly Hills
StateProv:  CA
PostalCode: 90210
Updated:    2003-01-23
TechHandle: DS127-ARIN
TechName:   Shelley, Dennis
TechPhone:  +1-213-246-6565 (mobile range, number not in service)
TechEmail:  dshelley58#netscape.net

So there was a change to ISD1 on the same day that 170.208.0.0/20 was
created, where the address/phone number were a total fiction and the
email address was at a free email service and probably untraceable?

ARIN shows that block as being LANET-1; LANET-1 is listed by ARIN as:

OrgName:    State of Louisiana
OrgID:      STATEO-4
Address:    Department of Health and Hospitals
Address:    Information Services
Address:    PO Box 3013
City:       Baton Rouge
StateProv:  LA
PostalCode: 70821
Country:    US

ASNumber:   2048
ASName:     LANET-1
ASHandle:   AS2048
RegDate:    1992-12-07
Updated:    1995-05-22

TechHandle: JL141-ARIN
TechName:   Joseph Lanier
TechPhone:  +1-504-342-7701
TechEmail:  blanier#doa.state.la.us

(Of course, the postholders have changed and there's been an
area code split since 1992 ... this is an ANCIENT /16 block!)

| Unless I'm missing something obvious <which is possible>

Well, Kai summarised it rather well when he asked:

> How many owners of a /16 do you know that use an MBE/UPS
> Store address as their primary place of business?

More to the point, do you not do credit checks as part of your
"Due Diligence" these days?  What credit check would pass when
the primary address is at an MBE/UPS Store?

I'm happy to give full credit to the Spamhaus Project, and ARIN, as
sources of some of the information I used during this investigation.

Full details of Spamhaus records are at: http://snurl.com/19fq

I've had to delay reporting this by about six hours as, out of
courtesy, I wanted to ensure that the appropriate people at Baton
Rouge were aware of the situation before anything was announced.

-- 
Richard Cox
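
The timeline comparison made in the message above, as an added example that is not part of the original post: it parses the quoted ARIN records and flags a long-quiet registration whose related records then change in a burst. The function names, the 5-year and 90-day thresholds, and the contact-domain check are assumptions chosen for illustration; the records and dates are transcribed from the post.

```python
from datetime import date

# Records transcribed from the post (fields unused here and annotations omitted).
ISD_1 = """OrgID:      ISD-1
Updated:    2003-01-23
TechEmail:  dshelley58#netscape.net
"""
AS2048 = """ASName:     LANET-1
RegDate:    1992-12-07
Updated:    1995-05-22
TechEmail:  blanier#doa.state.la.us
"""
# Change dates the post reports for the related ARIN objects.
CHANGES = {
    "170.208.0.0/20 created": date(2003, 1, 23),
    "170.208.0.0/16 changed": date(2003, 3, 4),
    "handle ISC1 changed": date(2003, 3, 5),
    "AS 27595 changed": date(2003, 4, 7),
}

def parse_whois(text):
    """Parse 'Key: value' lines; repeated keys (e.g. Address) keep every value."""
    rec = {}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if sep and value.strip():
            rec.setdefault(key.strip(), []).append(value.strip())
    return rec

def email_domain(rec):
    # The archive writes '#' in place of '@'.
    return rec["TechEmail"][0].replace("#", "@").rpartition("@")[2].lower()

def review(legacy, org, changes, dormant_years=5, burst_days=90):
    """Flag a long-quiet registration whose related records change in a burst."""
    findings = []
    quiet_since = date.fromisoformat(legacy["Updated"][0])
    first, last = min(changes.values()), max(changes.values())
    gap = (first - quiet_since).days / 365.25   # years with no recorded update
    span = (last - first).days                  # width of the recent burst
    if gap >= dormant_years and span <= burst_days:
        findings.append(f"quiet {gap:.1f} years, then {len(changes)} changes in {span} days")
    org_updated = date.fromisoformat(org["Updated"][0])
    findings += [f"org record updated same day as: {what}"
                 for what, when in changes.items() if when == org_updated]
    if email_domain(org) != email_domain(legacy):  # assumed heuristic
        findings.append(f"contact domain {email_domain(org)} differs from {email_domain(legacy)}")
    return findings

if __name__ == "__main__":
    for finding in review(parse_whois(AS2048), parse_whois(ISD_1), CHANGES):
        print(finding)
```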