Monetizing IPv4 addresses / DiViNetworks
My apologies to all. I previously posted here some inaccurate information, which I must now retract and correct. I incorrectly asserted that "DiViNetworks has received $15 million USD worth of venture capital from the International Finance Corporation, a commercial lender and member of the World Bank Group." https://ifcext.ifc.org/ifcext/pressroom/IFCPressRoom.nsf/0/52F1A9E272AAFAB785257BE80051CB53 In fact, a proper reading of the press release above indicated that IFC only invested $5 million into DiViNetworks. Other public reports however suggest that the company has received at least $15 million USD in venture funding. It is not immediately clear where the additional $10 million USD might have come from. https://pitchbook.com/profiles/company/59066-56 https://www.bizety.com/2015/09/10/cool-startup-divinetworks/ As seen at the pitchbook.com link just above, the company may have used the following address as a U.S. business address in some instances: 1680 Michigan Avenue, Suite 700 Miami Beach, FL 33139 This location appears to be associated with "virtual office" rentals: https://www.davincivirtual.com/loc/us/florida/miami-beach-virtual-offices/facility-1149 On the company's own web site, it provides what would appear to be its one and only business address: https://divinetworks.com/ 10153 1/2 Riverside Drive #526 Los Angeles, CA The above address would appear to be home to a business known as "Mailbox Toluca Lake", which may or may not be a FedEx authorized shipping center: https://local.fedex.com/ca/los-angeles/61623/ The above addresses in Miami and Los Angeles would appear to be inconsistant with other easly findable online documents, including the IFC press release linked to above, which explicitly asserts that the company is located in Israel. It is not immediately clear why an Israeli company would have need of either (a) a virtual office in Miami or (b) a mail drop in Los Angeles. I have been unable to find any evidence of any current or historical state- level business registration for either "Divi Networks" or "DiviNetworks" or "Divi Group" in either Florida or California. The operation of business addresses in either or both states without registration may possibly be a violation of law in those states. It is certainly impossible for any business to file a state-level business tax return in any state in which that business is not registered, due to the lack of the required state business registration number which would have to appear on the tax return in question. As discussed in the IFC funding press release, the company appears to have begun life with the eminently laudable goal to "increase Internet transmission capacities and free up congested internet connections in 21 developing countries..." This is certainly a commendable goal by anyone's standards, and one fully worthy of funding from the commercial lending arm of the World Bank. That having been said, it is certainly within the realm of possibility that this initial business model may perhaps not have stood the test of time, and that providing services to developing economies may not have produced sufficent returns to keep the enterprise viable on a long term basis. I have found at least some evidence to suggest that the company may, at present, be pursuing a different business model. In the current era, there are two ways in which any party who can beg, borrow, or steal any large swath of IPv4 address can quickly and effectively monetize those addresses. (And these methods are not entirely exclusive of one another.) The traditional way of monetizing any large block of IPv4 addresses which the lessor does not have, or plan to have, a long term interest in is simply to sub-lease the addresses to snowshoe spammers. Unfortunately for those involved, if this strategy is pursued to the exclusion of any other it renders the IP addresses in question a "wasting asset". Their value declines over time as they become ever more widely blacklisted and thus ever more ineffective for spamming purposes. An alternative monetization strategy which has become increasingly prevalent and widspread in recent years and which does not, generally speaking, engender this "wasting asset" problem (and which also, conveniently, tends to attract entirely less public attention and scrutiny) is to "dress up" the IP block(s) in question, to the extent possible, via relevant RIR WHOIS records, in order to make them appear to be networks containing only Internet end-user "eyeballs". Specifically, the term "residential" is typically used as an integral part of these subterfuges, and a simple google search for "residential proxies" will, at present, turn up a veritable plethora of companies offering as a service exactly such fradulently "dressed up"
Re: DiViNetworks
How is it technically possible that they reuse unused bandwidth without some funky AS/Route announcement fun?! Anyone can explain that ? ~A On Thu, Feb 6, 2020 at 8:09 PM Ronald F. Guilmette wrote: > I mention in passing also that at the present time, DiViNetworks has > a grand total of some 6,070 unique route objects registered in the RADB > data base. > > Where I come from, that's a lot of routes. > >https://pastebin.com/raw/YeFBd1qZ > > I would be gnerally unconcerned if not for the fact that two of these > route objects (for 155.235.0.0/16 and 169.129.0.0/16) exactly cover > two AFRINIC legacy blocks that I feel I have proven to have been stolen > from AFRINIC legacy blocks holders, with the apparent collusion and > connivance of one particular gentleman who, coincidentally, I'm sure, > like DiViNetworks, also just happens to have offices in the greater > Tel Aviv metropolitan area. > > > Regards, > rfg > > > P.S. Online reports suggest that DiViNetworks has received $15 million > USD worth of venture capital from the International Finance Corporation, > a commercial lender and member of the World Bank Group. > > > https://ifcext.ifc.org/ifcext/pressroom/IFCPressRoom.nsf/0/52F1A9E272AAFAB785257BE80051CB53 > > https://en.wikipedia.org/wiki/International_Finance_Corporation >
DiViNetworks
I mention in passing also that at the present time, DiViNetworks has a grand total of some 6,070 unique route objects registered in the RADB data base. Where I come from, that's a lot of routes. https://pastebin.com/raw/YeFBd1qZ I would be gnerally unconcerned if not for the fact that two of these route objects (for 155.235.0.0/16 and 169.129.0.0/16) exactly cover two AFRINIC legacy blocks that I feel I have proven to have been stolen from AFRINIC legacy blocks holders, with the apparent collusion and connivance of one particular gentleman who, coincidentally, I'm sure, like DiViNetworks, also just happens to have offices in the greater Tel Aviv metropolitan area. Regards, rfg P.S. Online reports suggest that DiViNetworks has received $15 million USD worth of venture capital from the International Finance Corporation, a commercial lender and member of the World Bank Group. https://ifcext.ifc.org/ifcext/pressroom/IFCPressRoom.nsf/0/52F1A9E272AAFAB785257BE80051CB53 https://en.wikipedia.org/wiki/International_Finance_Corporation
Re: DiviNetworks
Regarding DiviNetworks... I am not personally persuaded that an Israeli company that inserted a route object into the RADB data base to act as a cover for the company's apparent theft of a nice juicy /16 AFRINIC region legacy block that actually belongs to, and belonged to a South African state owned oil company (Sasol) is actually worthy of the Internet equivalent of the Good Houskeeping[tm] seal of approval. route: 169.129.0.0/16 descr: This is a DiViNetworks customer route-object which is being exported under this origin AS12491 (origin AS). This route object was created because no existing route object with the same origin was found. Please contact supp...@divinetworks.com if you have any questions regarding this object. origin: AS12491 mnt-by: MAINT-AS57731 changed:e...@divinetworks.com 20161021 #19:55:26Z source: RADB Regards, rfg P.S. My past research into the company formally known as Netstyle Atarim Ltd. turned up the following interesting link, which may or may not be relevant: https://il.linkedin.com/in/erez-cohen-83402813 P.P.S. Sasol has taken steps, in recent months to assert and reclaim complete control over both of their two /16 AFRINIC region legacy blocks. I have had multiple late night (my time) conversations with officials there, right up to the Vice President level, regarding the unfortunate circumstances that led to parties other than Sasol routing one or both of their valuable AFRINIC legacy /16 blocks. At last check, Sasol officials were still considering wther or not to file formal police reports in South Africa regarding this matter. P.P.P.S. The above quoted fradulent route object is still present in the RADB data base as we speak. It is by no means alone.
Re: DiviNetworks
Agreed. I also would be very wary of any traffic that I don’t know about sourcing from my network. The amount of money spent on lawyers when something malicious comes though this ‘sharing’ , and I’m in the jackpot because it sourced from me, is likely going to be many multiples of whatever dollar amount I make back. And this doesn’t consider any contractual terms on your service that might not allow you to do this in the first place. Maybe some situations where it makes some sense for somebody, but too much risk for my tastes. On Thu, Feb 6, 2020 at 16:39 Mike Fuller via NANOG wrote: > I'd be very cautious about engaging with any company whose business model > is to get a short-term lease of your IP-space. Many companies use IP > reputation data, and so you are essentially lending that reputation to a > 3rd party, who may use it in ways you don't anticipate until the reputation > is sufficiently damaged, and then return it to you and move on to another > ISP. > > Some organizations' response to unwanted traffic is simply to block large > IP ranges or entire ASes, and not everyone is good about following-up and > expiring such blocks in the future. I realize your customers haven't > ended-up on any spam/abuse blocklists, but that doesn't mean they won't be, > or that their IP reputation hasn't already been affected in less obvious > ways. You should ask yourself if you are being sufficiently compensated > for these risks as reputable IPv4 space is at a premium, so replacing the > IPv4 space you lent out could get quite costly. > > -- > Mike Fuller :: Security Reliability Engineer :: Google :: AS15169 > > On Wed, Feb 5, 2020 at 12:15 PM Justin Wilson wrote: > >> Have several networks using them. This he networks get paid, and no >> blacklists. Contact me off list if you want more details >> >> >> >> Justin Wilson >> li...@mtin.net >> >> >> — >> https://j2sw.com - All things jsw (AS209109) >> https://blog.j2sw.com - Podcast and Blog >> >> > On Feb 5, 2020, at 2:14 PM, Steve Saner wrote: >> > >> > Has anyone here worked with DiviNetworks (https://divinetworks.com/) >> to "sell" their unused bandwidth? >> > >> > I'd be curious to hear any thoughts or experiences. >> > >> > Steve >> > >> > -- >> > >> -- >> > Steven Saner Voice: >> 316-858-3000 <(316)%20858-3000> >> > Director of Network Operations Fax: >> 316-858-3001 <(316)%20858-3001> >> > Hubris Communications >> http://www.hubris.net >> > >> >>
Re: DiviNetworks
On Thu, Feb 6, 2020 at 1:37 PM Mike Fuller via NANOG wrote: > I'd be very cautious about engaging with any company whose business model is > to get a short-term lease of your IP-space. Many companies use IP reputation > data, and so you are essentially lending that reputation to a 3rd party, who > may use it in ways you don't anticipate until the reputation is sufficiently > damaged, and then return it to you and move on to another ISP. Hi Mike, They explain what they're doing in their documentation and for what it's worth they're probably telling the truth. Their business model is to facilitate pseudonymous web scraping. If you want to anonymously check out your competitors' pricing (anb automate it), you do it by accessing your competitors' web site through DiviNetworks' tunneled transits around the globe. https://divinetworks.com/nature-of-the-traffic/ So, if you're Cogent and you want to gather business data from ARIN Regards, Bill Herrin -- William Herrin b...@herrin.us https://bill.herrin.us/
RE: DiviNetworks
So interesting thing about Divi. I am a regional WISP operator and we did sign a deal with them and let them use our space. One of the issues we developed while they were active on our network was all of our IP’s started being homed in the UK for google. So anytime a customer would go to google or any google service, it would reroute us the .uk version of the site. This took about 6 months to start happening, so we didn’t have any issues for that long letting them use our IP space. After a day or so of us cutting them off it went away and never came back. I have discussed this with them at length in email phone and in person at conferences. They assured me that this wasn’t them, but when I turned it back on, the issue came back in under a week. Turn them off…. Goes away. So we removed their connection. This was over a year ago, and I have been talking with them again about this but am significantly more cautious about moving forward if for nothing else the above reason alone. Not to mention the other items Mike pointed out which are of the greatest concern. What they do is create a VPN connection on your edge router and utilize your IP space for Geo location IP services and allow their customers to use IP’s from all over the world to check their sites for compatibility/interoperability. That’s what they tell you. I’ve not seen any indication to believe otherwise in my dealings with them which is why we are talking with them again. From: NANOG On Behalf Of Justin Wilson Sent: Thursday, February 6, 2020 1:35 PM To: Mike Fuller Cc: nanog@nanog.org Subject: Re: DiviNetworks They don’t lease your IP space is the thing. Justin Wilson li...@mtin.net <mailto:li...@mtin.net> — https://j2sw.com - All things jsw (AS209109) https://blog.j2sw.com - Podcast and Blog On Feb 6, 2020, at 2:07 PM, Mike Fuller mailto:m...@google.com> > wrote: I'd be very cautious about engaging with any company whose business model is to get a short-term lease of your IP-space. Many companies use IP reputation data, and so you are essentially lending that reputation to a 3rd party, who may use it in ways you don't anticipate until the reputation is sufficiently damaged, and then return it to you and move on to another ISP. Some organizations' response to unwanted traffic is simply to block large IP ranges or entire ASes, and not everyone is good about following-up and expiring such blocks in the future. I realize your customers haven't ended-up on any spam/abuse blocklists, but that doesn't mean they won't be, or that their IP reputation hasn't already been affected in less obvious ways. You should ask yourself if you are being sufficiently compensated for these risks as reputable IPv4 space is at a premium, so replacing the IPv4 space you lent out could get quite costly. -- Mike Fuller :: Security Reliability Engineer :: Google :: AS15169 On Wed, Feb 5, 2020 at 12:15 PM Justin Wilson mailto:li...@mtin.net> > wrote: Have several networks using them. This he networks get paid, and no blacklists. Contact me off list if you want more details Justin Wilson li...@mtin.net <mailto:li...@mtin.net> — https://j2sw.com <https://j2sw.com/> - All things jsw (AS209109) https://blog.j2sw.com <https://blog.j2sw.com/> - Podcast and Blog > On Feb 5, 2020, at 2:14 PM, Steve Saner <mailto:ssa...@hubris.net> > wrote: > > Has anyone here worked with DiviNetworks (https://divinetworks.com/) to > "sell" their unused bandwidth? > > I'd be curious to hear any thoughts or experiences. > > Steve > > -- > -- > Steven Saner mailto:ssa...@hubris.net> > > Voice: 316-858-3000 > Director of Network Operations Fax: 316-858-3001 > > Hubris Communicationshttp://www.hubris.net > <http://www.hubris.net/> >
Re: DiviNetworks
I'd be very cautious about engaging with any company whose business model is to get a short-term lease of your IP-space. Many companies use IP reputation data, and so you are essentially lending that reputation to a 3rd party, who may use it in ways you don't anticipate until the reputation is sufficiently damaged, and then return it to you and move on to another ISP. Some organizations' response to unwanted traffic is simply to block large IP ranges or entire ASes, and not everyone is good about following-up and expiring such blocks in the future. I realize your customers haven't ended-up on any spam/abuse blocklists, but that doesn't mean they won't be, or that their IP reputation hasn't already been affected in less obvious ways. You should ask yourself if you are being sufficiently compensated for these risks as reputable IPv4 space is at a premium, so replacing the IPv4 space you lent out could get quite costly. -- Mike Fuller :: Security Reliability Engineer :: Google :: AS15169 On Wed, Feb 5, 2020 at 12:15 PM Justin Wilson wrote: > Have several networks using them. This he networks get paid, and no > blacklists. Contact me off list if you want more details > > > > Justin Wilson > li...@mtin.net > > > — > https://j2sw.com - All things jsw (AS209109) > https://blog.j2sw.com - Podcast and Blog > > > On Feb 5, 2020, at 2:14 PM, Steve Saner wrote: > > > > Has anyone here worked with DiviNetworks (https://divinetworks.com/) to > "sell" their unused bandwidth? > > > > I'd be curious to hear any thoughts or experiences. > > > > Steve > > > > -- > > > -- > > Steven Saner Voice: > 316-858-3000 <(316)%20858-3000> > > Director of Network Operations Fax: > 316-858-3001 <(316)%20858-3001> > > Hubris Communications > http://www.hubris.net > > > >
Re: DiviNetworks
They're not sending traffic from their own IPs, right? So they're leasing yours (whether they make that explicit or not). And that carries all the implications/risks Mike mentioned. Damian On Thu, Feb 6, 2020 at 12:37 PM Justin Wilson wrote: > They don’t lease your IP space is the thing. > > > Justin Wilson > li...@mtin.net > > > — > https://j2sw.com - All things jsw (AS209109) > https://blog.j2sw.com - Podcast and Blog > > On Feb 6, 2020, at 2:07 PM, Mike Fuller wrote: > > I'd be very cautious about engaging with any company whose business model > is to get a short-term lease of your IP-space. Many companies use IP > reputation data, and so you are essentially lending that reputation to a > 3rd party, who may use it in ways you don't anticipate until the reputation > is sufficiently damaged, and then return it to you and move on to another > ISP. > > Some organizations' response to unwanted traffic is simply to block large > IP ranges or entire ASes, and not everyone is good about following-up and > expiring such blocks in the future. I realize your customers haven't > ended-up on any spam/abuse blocklists, but that doesn't mean they won't be, > or that their IP reputation hasn't already been affected in less obvious > ways. You should ask yourself if you are being sufficiently compensated > for these risks as reputable IPv4 space is at a premium, so replacing the > IPv4 space you lent out could get quite costly. > > -- > Mike Fuller :: Security Reliability Engineer :: Google :: AS15169 > > On Wed, Feb 5, 2020 at 12:15 PM Justin Wilson wrote: > >> Have several networks using them. This he networks get paid, and no >> blacklists. Contact me off list if you want more details >> >> >> >> Justin Wilson >> li...@mtin.net >> >> >> — >> https://j2sw.com - All things jsw (AS209109) >> https://blog.j2sw.com - Podcast and Blog >> >> > On Feb 5, 2020, at 2:14 PM, Steve Saner wrote: >> > >> > Has anyone here worked with DiviNetworks (https://divinetworks.com/) >> to "sell" their unused bandwidth? >> > >> > I'd be curious to hear any thoughts or experiences. >> > >> > Steve >> > >> > -- >> > >> -- >> > Steven Saner Voice: >> 316-858-3000 <(316)%20858-3000> >> > Director of Network Operations Fax: >> 316-858-3001 <(316)%20858-3001> >> > Hubris Communications >> http://www.hubris.net >> > >> >> >
Re: DiviNetworks
They don’t lease your IP space is the thing. Justin Wilson li...@mtin.net — https://j2sw.com - All things jsw (AS209109) https://blog.j2sw.com - Podcast and Blog > On Feb 6, 2020, at 2:07 PM, Mike Fuller wrote: > > I'd be very cautious about engaging with any company whose business model is > to get a short-term lease of your IP-space. Many companies use IP reputation > data, and so you are essentially lending that reputation to a 3rd party, who > may use it in ways you don't anticipate until the reputation is sufficiently > damaged, and then return it to you and move on to another ISP. > > Some organizations' response to unwanted traffic is simply to block large IP > ranges or entire ASes, and not everyone is good about following-up and > expiring such blocks in the future. I realize your customers haven't > ended-up on any spam/abuse blocklists, but that doesn't mean they won't be, > or that their IP reputation hasn't already been affected in less obvious > ways. You should ask yourself if you are being sufficiently compensated for > these risks as reputable IPv4 space is at a premium, so replacing the IPv4 > space you lent out could get quite costly. > > -- > Mike Fuller :: Security Reliability Engineer :: Google :: AS15169 > > On Wed, Feb 5, 2020 at 12:15 PM Justin Wilson <mailto:li...@mtin.net>> wrote: > Have several networks using them. This he networks get paid, and no > blacklists. Contact me off list if you want more details > > > > Justin Wilson > li...@mtin.net <mailto:li...@mtin.net> > > > — > https://j2sw.com <https://j2sw.com/> - All things jsw (AS209109) > https://blog.j2sw.com <https://blog.j2sw.com/> - Podcast and Blog > > > On Feb 5, 2020, at 2:14 PM, Steve Saner > <mailto:ssa...@hubris.net>> wrote: > > > > Has anyone here worked with DiviNetworks (https://divinetworks.com/ > > <https://divinetworks.com/>) to "sell" their unused bandwidth? > > > > I'd be curious to hear any thoughts or experiences. > > > > Steve > > > > -- > > -- > > Steven Saner mailto:ssa...@hubris.net>> > > Voice: 316-858-3000 > > Director of Network Operations Fax: 316-858-3001 > > > > Hubris Communicationshttp://www.hubris.net > > <http://www.hubris.net/> > > >
Re: DiviNetworks
We have worked extensively with them in the past, legit company that (at the time) used custom live traffic compression boxes via gre tunnels to squeeze more bandwidth out of (expensive) customer lines. Jeroen Wunnink Sr. Manager - Integration Engineering www.gtt.net <http://www.gtt.net/> On 05/02/2020, 20:15, "NANOG on behalf of Steve Saner" wrote: Has anyone here worked with DiviNetworks (https://divinetworks.com/) to "sell" their unused bandwidth? I'd be curious to hear any thoughts or experiences. Steve -- -- Steven Saner Voice: 316-858-3000 Director of Network Operations Fax: 316-858-3001 Hubris Communicationshttp://www.hubris.net
Re: DiviNetworks
On Wed, Feb 5, 2020 at 11:15 AM Steve Saner wrote: > Has anyone here worked with DiviNetworks (https://divinetworks.com/) to > "sell" their unused bandwidth? "Both USED and unused IPs can be utilized. IP allocation is NOT needed. " "the configuration that we provide will ensure that traffic, which belongs to sessions generated by our customers will be redirected through a tunnel to our PoPs while all of your users traffic will be routed as usual to your users. " -- William Herrin b...@herrin.us https://bill.herrin.us/
Re: DiviNetworks
Have several networks using them. This he networks get paid, and no blacklists. Contact me off list if you want more details Justin Wilson li...@mtin.net — https://j2sw.com - All things jsw (AS209109) https://blog.j2sw.com - Podcast and Blog > On Feb 5, 2020, at 2:14 PM, Steve Saner wrote: > > Has anyone here worked with DiviNetworks (https://divinetworks.com/) to > "sell" their unused bandwidth? > > I'd be curious to hear any thoughts or experiences. > > Steve > > -- > -- > Steven Saner Voice: 316-858-3000 > Director of Network Operations Fax: 316-858-3001 > Hubris Communicationshttp://www.hubris.net >
DiviNetworks
Has anyone here worked with DiviNetworks (https://divinetworks.com/) to "sell" their unused bandwidth? I'd be curious to hear any thoughts or experiences. Steve -- -- Steven Saner Voice: 316-858-3000 Director of Network Operations Fax: 316-858-3001 Hubris Communicationshttp://www.hubris.net
