On Mon, Nov 17, 2014 at 11:21:23AM +0300, Sander Steffann wrote: > Hi Ronald, > > > It now seems certain to me that the absence of anything even remotely > > approximating proper validation of RIPE route objects is not, in fact, > > a problem which is limited to just inter-RiR situations. Apparently, > > RIPE member LIRs can just as easily hijack the IP blocks of other > > RIPE members as they can in the case of IP blocks belonging to parties > > in other regions. > > I don't think so... > > To be able to create the route object > > route: 188.229.1.0/24 > descr: Netserv-Client > origin: AS43890 > mnt-by: NETSERV-MNT > source: RIPE > > Authorisation from both the address block > > inetnum: 188.229.0.0 - 188.229.63.255 > netname: LTE-4G > descr: new service for data > country: IR > admin-c: RL7844-RIPE > tech-c: RL7844-RIPE > status: ASSIGNED PA > mnt-by: MCCI-MNT > source: RIPE > > and the AS number > > aut-num: AS43890 > as-name: NETSERV-AS > descr: Netserv Consult SRL > [...] > org: ORG-SNCS6-RIPE > status: ASSIGNED > mnt-by: NETSERV-MNT > mnt-by: RIPE-NCC-END-MNT > mnt-routes: NETSERV-MNT > source: RIPE > > is required. So the route cannot be created unless MCCI-MNT and NETSERV-MNT > both authorise it.
The assignment of 188.229.0.0/17 to mci.ir is relatively recent, probably issued: changed: [email protected] 20141027 Previously it was inetnum: 188.229.0.0 - 188.229.127.255 netname: RO-NETSERV-20090729 descr: Netserv Consult SRL country: RO org: ORG-NCS8-RIPE admin-c: MINC-RIPE tech-c: NSC-RIPE status: ALLOCATED PA mnt-by: RIPE-NCC-HM-MNT mnt-lower: NETSERV-MNT mnt-routes: NETSERV-MNT mnt-domains: NETSERV-MNT remarks: ------------------------------------ remarks: | Abuse e-mail: [email protected] | remarks: | Support e-mail: [email protected] | remarks: | Support phone: 4-0745888222 | remarks: ------------------------------------ and it indeed appeared to be leased to snowshoe spammers in its entirety. Similarly, inetnum: 31.2.128.0 - 31.2.255.255 netname: RO-NETSERV-20110405 descr: NETSERV CONSULT SRL country: RO org: ORG-NCS8-RIPE admin-c: MINC-RIPE tech-c: NSC-RIPE status: ALLOCATED PA mnt-by: RIPE-NCC-HM-MNT mnt-lower: NETSERV-MNT mnt-routes: NETSERV-MNT mnt-domains: NETSERV-MNT remarks: ------------------------------------ remarks: | Abuse e-mail: [email protected] | remarks: | Support e-mail: [email protected] | remarks: | Support phone: 4-0745888222 | remarks: ------------------------------------ inetnum: 46.51.0.0 - 46.51.127.255 netname: RO-NETSERV-20100727 descr: Netserv Consult SRL country: RO org: ORG-NCS8-RIPE admin-c: MINC-RIPE tech-c: NSC-RIPE status: ALLOCATED PA mnt-by: RIPE-NCC-HM-MNT mnt-lower: NETSERV-MNT mnt-routes: NETSERV-MNT mnt-domains: NETSERV-MNT remarks: ------------------------------------ remarks: | Abuse e-mail: [email protected] | remarks: | Support e-mail: [email protected] | remarks: | Support phone: 4-0745888222 | remarks: ------------------------------------ inetnum: 95.64.0.0 - 95.64.127.255 netname: RO-NETSERV-20081023 descr: Netserv Consult SRL country: RO org: ORG-NCS8-RIPE admin-c: MINC-RIPE tech-c: NSC-RIPE status: ALLOCATED PA mnt-by: RIPE-NCC-HM-MNT mnt-lower: NETSERV-MNT mnt-routes: NETSERV-MNT mnt-domains: NETSERV-MNT remarks: ------------------------------------ remarks: | Abuse e-mail: [email protected] | remarks: | Support e-mail: [email protected] | remarks: | Support phone: 4-0745888222 | remarks: ------------------------------------ inetnum: 164.138.128.0 - 164.138.191.255 netname: RO-NETSERV-20120319 descr: NETSERV CONSULT SRL country: RO org: ORG-NCS8-RIPE admin-c: MINC-RIPE tech-c: NSC-RIPE status: ALLOCATED PA mnt-by: RIPE-NCC-HM-MNT mnt-lower: NETSERV-MNT mnt-routes: NETSERV-MNT mnt-domains: NETSERV-MNT remarks: ------------------------------------ remarks: | Abuse e-mail: [email protected] | remarks: | Support e-mail: [email protected] | remarks: | Support phone: 4-0745888222 | remarks: ------------------------------------ So a possible scenario is that MCI.ir was in real need for IPv4 space, went on the market, found Netserv that had plenty of it unused (sort of) and made a deal with them. furio
