Re: InterCage, Inc. (NOT Atrivo)
[EMAIL PROTECTED] wrote: On Mon, 22 Sep 2008 17:00:35 CDT, Justin Shore said: There may not be a law preventing you from asking him for proof of legitimate customers, but there is a law preventing him from answering you. Google for CPNI and red flag. Hmm... I'm not sure how Yes, XYZ is a customer of mine qualifies as a red flag question for identity theft. I'm also not sure how XYZ is a customer qualifies as CPNI, which (according to the first few pages of Google hits) comprises things like calling/billing records. Nope. Doesn't seem like xyz is a customer qualifies there... Hmm... xyz is a customer doesn't seem to run afoul of that either. Feel free to enlighten me about what I missed here? Given the unfortunate vagueness of the FCC on their directive, consultants have interpreted CPNI differently and have given their customers (SP and CS organizations) wildly varying instructions. However every interpretation that I've been privy to extends far beyond call records like many people believe CPNI is limited to. Our CPNI consultants instructed us to not even reveal that Company X is a customer (which is laughable given the size of the communities we serve, but I digress). They did however tell us that we can trust all phone numbers listed on an account both for instant information providing and for callbacks. Cox's interpretation is that only the primary number listed on the account is valid for callbacks and that the PIN is required regardless (something our consultants told us was only required if the caller couldn't be reached on a valid callback number). Everybody has different instructions to work with. To answer the question the list is asking, the SP isn't simply stating that Company X is a customer of SP ABC. They are stating that Company X is a customer and that they believe Company X is a valid, not malicious customer in good standing. While that's not a call record that implies certain things about Company X's relationship with the SP. They essentially stating that they haven't received spam or other abuse complaints regarding the customer. They're implying that they are a customer in good standing. That could even be construed to imply that their account is in good standing. That's more than just saying that Company X is a customer of SP ABC. Our consultants advised us against saying anything of the sort. Think of it like HIPAA for SPs. It's splitting hairs but that's the unfortunate situation that CPNI has put all of us in. Instead of a common sense response we get to deal with the knee-jerk response from the FCC thanks chiefly to the Patty Dunn scandal. Justin
Re: InterCage, Inc. (NOT Atrivo)
Patrick W. Gilmore wrote: There is no law or even custom stopping me from asking you to prove you are worthy to connect to my network. There may not be a law preventing you from asking him for proof of legitimate customers, but there is a law preventing him from answering you. Google for CPNI and red flag. Justin
Re: InterCage, Inc. (NOT Atrivo)
That does not stop me from asking. Also, I've never seen a viable, legit biz that didn't have at least a couple customers who were willing to let their name be used. -- TTFN, patrick iPhone 3-J (That's 3-Jezuz for the uninitiated.) On Sep 22, 2008, at 18:00, Justin Shore [EMAIL PROTECTED] wrote: Patrick W. Gilmore wrote: There is no law or even custom stopping me from asking you to prove you are worthy to connect to my network. There may not be a law preventing you from asking him for proof of legitimate customers, but there is a law preventing him from answering you. Google for CPNI and red flag. Justin
Re: InterCage, Inc. (NOT Atrivo)
On Mon, 22 Sep 2008 17:00:35 CDT, Justin Shore said: There may not be a law preventing you from asking him for proof of legitimate customers, but there is a law preventing him from answering you. Google for CPNI and red flag. Hmm... I'm not sure how Yes, XYZ is a customer of mine qualifies as a red flag question for identity theft. I'm also not sure how XYZ is a customer qualifies as CPNI, which (according to the first few pages of Google hits) comprises things like calling/billing records. http://www.privacyalerts.org/phone-records.html says: For clarity, a record in this section is the same thing as a call log or a text log. A phone record typically includes: date, time, sender geographic location, recipient phone number, recipient geographic location, and duration of call. A text record includes: date, time, and recipient phone number. Nope. Doesn't seem like xyz is a customer qualifies there... http://www.ipbusinessmag.com/articles.php?issue_id=63article_id=387 says: Space does not permit an extended review of the FTC rules here, but they apply to creditors who maintain ongoing accounts with customers for repeated transactions. Cell phone accounts are offered by the rules as one example of a covered account which is subject to the rules. If a business maintains such covered accounts it must comply with the new rules to prevent identity theft of its account holders. Hmm... xyz is a customer doesn't seem to run afoul of that either. Feel free to enlighten me about what I missed here? pgpNGkggWH3um.pgp Description: PGP signature
Re: InterCage, Inc. (NOT Atrivo)
On Sep 12, 2008, at 3:02 PM, Steve Gibbard wrote: On Fri, 12 Sep 2008, Patrick W. Gilmore wrote: Going back a bit in case you forgot, we were discussing the fact you have NO RIGHT to connect to my network, it is a privilege, not a right. You responded with: If I have either a peering agreement ... then that contract supports my 'rights' under that contract persuant to my responsibilities being fulfilled. Then you posted this contract as an example of those rights. From the contract you claim to be a great model: It's probably correct that any individual player in this industry not under other regulatory restrictions can refuse to do business with somebody they don't like, sometimes. Probably? For the industry as a whole to make a group decision to not do business with somebody who may be a competitor seems more legally risky. Engaging in that sort of thing without getting some good legal advice first would certainly make me nervous. The industry as a whole? And who in their right minds considers Atrivo or InterCage a competitor? Are you upset at InterCage for lost child pr0n customers? Since this appears to be somebody who is contracting with lots of US providers, their identity is presumably known. This discussion has now been going on for long enough that it's presumably passed the emergency, act now; think later, phase. Should what they're doing be a law enforcement issue, rather than a they've got cooties issue? You have been around more than long enough to know better than that Steve. And you should be more consistent. Is this a US problem or an Internet problem? -- TTFN, patrick
Re: InterCage, Inc. (NOT Atrivo)
On Sep 12, 2008, at 1:42 AM, Lamar Owen wrote: [On-list comment. Off-list comments longer.] On Thursday 11 September 2008 22:23:35 Patrick W. Gilmore wrote: If I have either a peering agreement or a transit arrangement with a written contract, then that contract supports my 'rights' under that contract persuant to my responsibilities being fulfilled. If you had ever read a peering agreement, I have; see this publicly available peering agreement [0], where in clause 9 we find the wording Neither party shall assign its rights under this Agreement without the prior written consent of the other party. In clause 5 we find the wording If ... there are significant breaches of the conditions of this agreement, both parties reserve the right unilaterally to immediately terminate the agreement ... See what lies under the points of ellipsis by reading the whole (2.5 page) agreement; it is succinct, clear, and a great model. Drifting off-topic; my participation in this thread terminated, unilaterally. Actually, peering is on-topic. I'm sure there are many others out there who are just as unaware of how things work on the Internet as you are. That said, I'm not sure how many of them can read a peering agreement come to the conclusion that you then have a right to connect to my network. Going back a bit in case you forgot, we were discussing the fact you have NO RIGHT to connect to my network, it is a privilege, not a right. You responded with: If I have either a peering agreement ... then that contract supports my 'rights' under that contract persuant to my responsibilities being fulfilled. Then you posted this contract as an example of those rights. From the contract you claim to be a great model: quote Each party’s entire liability and sole remedies, whether in contract or in tort, in respect of any default shall be as set out in this Clause or Clause 5. Each party’s remedies against the other in respect of any default shall be limited to damages and/or termination of this agreement. /quote I guess you could argue you have a right - at least until I type shut on your BGP sessions. Then your rights end. I need no reasoning to do this. None. And your recourse once I have done this is Hrmm, it seems your only recourse is to type shut on your side of the session. Yeah, lots of rights there. Now, in practice, it is poor manners, and poor business judgement to shut someone off without notice. It hurts your customers and mine, and puts a very large strain on any other business dealings we have in progress or might have in the future. But manners and business deals are not rights. That should be plainly obvious to you (I hope). Oh, and I notice you ignored my question, again. I won't bother copy/ pasting it here just to have you continue to ignore it, I think the audience gets the point - you don't have an answer. -- TTFN, patrick
Re: InterCage, Inc. (NOT Atrivo)
On Sep 12, 2008, at 1:43 PM, Patrick W. Gilmore wrote: Oh, and I notice you ignored my question, again. I won't bother copy/pasting it here just to have you continue to ignore it, I think the audience gets the point - you don't have an answer. In fairness, he sent me an answer privately. Sorry, I didn't see that before I sent my on-list reply. -- TTFN, patrick
Re: InterCage, Inc. (NOT Atrivo)
On Fri, 12 Sep 2008, Patrick W. Gilmore wrote: Going back a bit in case you forgot, we were discussing the fact you have NO RIGHT to connect to my network, it is a privilege, not a right. You responded with: If I have either a peering agreement ... then that contract supports my 'rights' under that contract persuant to my responsibilities being fulfilled. Then you posted this contract as an example of those rights. From the contract you claim to be a great model: Calm down, Patrick. :) It's probably correct that any individual player in this industry not under other regulatory restrictions can refuse to do business with somebody they don't like, sometimes. For the industry as a whole to make a group decision to not do business with somebody who may be a competitor seems more legally risky. Engaging in that sort of thing without getting some good legal advice first would certainly make me nervous. Since this appears to be somebody who is contracting with lots of US providers, their identity is presumably known. This discussion has now been going on for long enough that it's presumably passed the emergency, act now; think later, phase. Should what they're doing be a law enforcement issue, rather than a they've got cooties issue? -Steve
Re: InterCage, Inc. (NOT Atrivo)
On Fri, 12 Sep 2008, Steve Gibbard wrote: On Fri, 12 Sep 2008, Patrick W. Gilmore wrote: Since this appears to be somebody who is contracting with lots of US providers, their identity is presumably known. This discussion has now been going on for long enough that it's presumably passed the emergency, act now; think later, phase. Should what they're doing be a law enforcement issue, rather than a they've got cooties issue? It wasn't an emergency except a PR emergency for the transit providers. As to a law enforcement issue, it probably is for 4 years now... which comes to show why we are the ones protecting the network. They will probably become more useful in the future. Gadi. -Steve
Re: InterCage, Inc. (NOT Atrivo)
Gadi Evron wrote: On Mon, 8 Sep 2008, Scott Weeks wrote: --- [EMAIL PROTECTED] wrote: I am sure if I looked into it more I could find some exploits related to the sites. - Why software piracy might actually be good for companies. Folks should clean their own house before pointing fingers at others... My house may not be clean right now, but the cleaner is coming tomorrow. However, filth from their house is making my house smell. I am very happy they are willing to clean up, but it still smells for some reason. Enough with analogies, you are making this discussion into a hostile environment for them to reply in. What are you afraid of, anyway? Are you running a bullet-proof hosting farm? Why should an ISP provide proof of the good behavior of their clients ? Or in your conuntry you're considered guilty until proven otherwise ?
Re: InterCage, Inc. (NOT Atrivo)
Why should an ISP provide proof of the good behavior of their clients ? Or in your conuntry you're considered guilty until proven otherwise ? This is not a court. In court, if you are determined guilty a large punishment may be exacted (note: it's innocent until determined to be very likely guilty in criminal cases, innocent until probably guilty in civil cases); here, that is not the case. They have a history of abuse; it's fair to be suspicious of them (why did they let the abuse last so long?) and ask for an example of a legitimate client. If they have a few, it should be easy to find one willing to be used as an example.
Re: InterCage, Inc. (NOT Atrivo)
On Thu, September 11, 2008 10:58 am, Eugeniu Patrascu wrote: Why should an ISP provide proof of the good behavior of their clients ? Or in your conuntry you're considered guilty until proven otherwise ? Conversely, and sticking close to the 'clean house' metaphor, if someone has a history of tramping mud into your carpets every previous time they've visited, is it unreasonable to ask them to present clean shoes before letting them into your house again? Regards, Tim.
Re: InterCage, Inc. (NOT Atrivo)
Lamar Owen wrote: Lack of a defense in a civil case will virtually guarantee a favorable judgment for the plaintiff, however. Networks (at least in most countries) are 100% private entities who can de-peer whoever they want for whatever reason they want.
Re: InterCage, Inc. (NOT Atrivo)
On Sep 11, 2008, at 8:50 AM, Lamar Owen wrote: On Thursday 11 September 2008 06:23:29 [EMAIL PROTECTED] wrote: This is not a court. In court, if you are determined guilty a large punishment may be exacted Depeering is not a large punishment? In the internet world, mass depeering / de-transitting like we've see in this instance is akin to capital punishment. By vigilantes. The US Old West redux. You are confused. Connecting to my network is a PRIVILEGE, not a right. You lose a criminal case, you lose rights (e.g. freedom to walk outside). Disconnecting you from my network is not denying any of your rights. There is no law or even custom stopping me from asking you to prove you are worthy to connect to my network. You don't want to prove it, that's your right, just as it is my right to not connect to you. Mind if I ask why you think you have any right to connect to my network if I do not want you to do so? For _any_ reason, including not showing me legit customers, political affiliation, or even the color of your hat? -- TTFN, patrick But even in a court of law in a criminal case a defense must be made, otherwise the least sort of evidence of culpability can produce conviction; the defendant must at least put on a defense to invalidate the culpatory evidence. So when culpatory evidence is presented in these cases, requesting exculpatory evidence is very reasonable. Lack of a defense in a civil case will virtually guarantee a favorable judgment for the plaintiff, however.
Re: InterCage, Inc. (NOT Atrivo)
On Sep 11, 2008, at 6:52 PM, Randy Bush wrote: In the internet world, mass depeering / de-transitting like we've see in this instance is akin to capital punishment. By vigilantes. The US Old West redux. Connecting to my network is a PRIVILEGE, not a right. You lose a criminal case, you lose rights (e.g. freedom to walk outside). Disconnecting you from my network is not denying any of your rights. There is no law or even custom stopping me from asking you to prove you are worthy to connect to my network. You don't want to prove it, that's your right, just as it is my right to not connect to you. Mind if I ask why you think you have any right to connect to my network if I do not want you to do so? For _any_ reason, including not showing me legit customers, political affiliation, or even the color of your hat? amidst all this high flyin' political theory discussion of rights, there is an elephant in the room. as conditions to merger/purchase, there were legal restrictions placed on one or more significant operators regarding [de-]peering (i.e. your statement above is significantly incorrect). my altzheimer's device tells me that those restrictions end 2008.12.31. expect change. The fact there is a temporary exception to the rule for two providers in the US who agreed to the exception for reasons other than peering / transit does not mean the rule is invalid. As for (some of?) the exceptions expiring at the end of this calendar year, I'm not at all certain it will be a sea change. Contrary to popular belief, the US is not the center of the Internet any more. And even if it were, those providers - even the two combined - are not the center of the US Internet. Besides, wouldn't that just prove the rule anyway? :) The 'Net has become much more egalitarian. I would think that you of all people Randy would applaud the internationalization and flattening of the Internet. -- TTFN, patrick
RE: InterCage, Inc. (NOT Atrivo)
amidst all this high flyin' political theory discussion of rights, there is an elephant in the room. as conditions to merger/purchase, there were legal restrictions placed on one or more significant operators regarding [de-]peering (i.e. your statement above is significantly incorrect). my altzheimer's device tells me that those restrictions end 2008.12.31. expect change. randy SBC end-date is 2009-Dec-31. Randy
Re: InterCage, Inc. (NOT Atrivo)
amidst all this high flyin' political theory discussion of rights, there is an elephant in the room. as conditions to merger/purchase, there were legal restrictions placed on one or more significant operators regarding [de-]peering (i.e. your statement above is significantly incorrect). my altzheimer's device tells me that those restrictions end 2008.12.31. expect change. The fact there is a temporary exception to the rule for two providers in the US who agreed to the exception for reasons other than peering / transit does not mean the rule is invalid. so sorry to have interrupted a deep discussion of political theory on rights and unwritten rules with operational reality :) randy
Re: InterCage, Inc. (NOT Atrivo)
On Thursday 11 September 2008 18:37:59 Patrick W. Gilmore wrote: On Sep 11, 2008, at 8:50 AM, Lamar Owen wrote: On Thursday 11 September 2008 06:23:29 [EMAIL PROTECTED] wrote: This is not a court. In court, if you are determined guilty a large punishment may be exacted Depeering is not a large punishment? In the internet world, mass depeering / de-transitting like we've see in this instance is akin to capital punishment. By vigilantes. The US Old West redux. You are confused. No, I'm not, actually. As you say, it's every man (peer) for himself; is this not a digital analog to the dynamic of the Old West? If I have either a peering agreement or a transit arrangement with a written contract, then that contract supports my 'rights' under that contract persuant to my responsibilities being fulfilled. But here on NANOG it sure looked like the gunfight at the OK Corral earlier as the posse went after the bad guys. And, well, yes, the alleged 'bad guys' might have deserved the penalty. But it was sure an interesting dynamic to watch. Go back and read the whole thread; it is very enlightening. But you don't have to get all defensive about it.
Re: InterCage, Inc. (NOT Atrivo)
On Sep 11, 2008, at 9:11 PM, Lamar Owen wrote: On Thursday 11 September 2008 18:37:59 Patrick W. Gilmore wrote: On Sep 11, 2008, at 8:50 AM, Lamar Owen wrote: On Thursday 11 September 2008 06:23:29 [EMAIL PROTECTED] wrote: This is not a court. In court, if you are determined guilty a large punishment may be exacted Depeering is not a large punishment? In the internet world, mass depeering / de-transitting like we've see in this instance is akin to capital punishment. By vigilantes. The US Old West redux. You are confused. No, I'm not, actually. We disagree. As you say, it's every man (peer) for himself; is this not a digital analog to the dynamic of the Old West? If I have either a peering agreement or a transit arrangement with a written contract, then that contract supports my 'rights' under that contract persuant to my responsibilities being fulfilled. If you had ever read a peering agreement, you would know they contain no guarantees of connectivity. Your rights are actually set forth as to what you may not do (e.g. point default), not what you may do (e.g. connect to me). Well, unless you include disconnect from me as a right. As for transit agreements, note that the network in question was kicked off both its transit providers in essentially nothing flat, so they obviously are not guaranteed either. (Not to mention at least two more the transit providers previous to this thread.) But here on NANOG it sure looked like the gunfight at the OK Corral earlier as the posse went after the bad guys. And, well, yes, the alleged 'bad guys' might have deserved the penalty. But it was sure an interesting dynamic to watch. Go back and read the whole thread; it is very enlightening. Perhaps you should read up more on the alleged bad guys. I like to think of myself as a very open minded person, but child pr0n tends to upset essentially everyone. (And no, we are not talking 17 year olds, or even teenagers.) But you don't have to get all defensive about it. Not defensive, educational. From the tone and content of your posts, I made the - perhaps erroneous - assumption you were unclear on how and why networks interconnected. But to try and verify my assumption, I asked you a question, which you ignored: Mind if I ask why you think you have any right to connect to my network if I do not want you to do so? Although you verified my assumption anyway (see point you tried to make about peering agreements above). That said, I like to understand the root of your confusion, so I am still interested in your answer. -- TTFN, patrick
Re: InterCage, Inc. (NOT Atrivo)
--- [EMAIL PROTECTED] wrote: Well, perhaps you can share any information with us on a legitimate client you have? -- Now why do you have to go there? Just to fan the flames for fun and profit? :-( scott
Re: InterCage, Inc. (NOT Atrivo)
On Mon, 8 Sep 2008, Scott Weeks wrote: --- [EMAIL PROTECTED] wrote: Well, perhaps you can share any information with us on a legitimate client you have? -- Now why do you have to go there? Just to fan the flames for fun and profit? :-( I haven't seen any flames, I've seen them claim they cleaned up, instead of pointing out all their other bad clients, I am asking for a good one. Should be easy enough to manufacture. I am interesting in you take on this: I am starting to think of the horror of whoever gets assigned these IP addresses next trying to clean them all up so they are usable again. They are listed *everywhere* for a long time now. Gadi. scott
Re: InterCage, Inc. (NOT Atrivo)
--- [EMAIL PROTECTED] wrote: On Mon, 8 Sep 2008, Scott Weeks wrote: --- [EMAIL PROTECTED] wrote: Well, perhaps you can share any information with us on a legitimate client you have? -- Now why do you have to go there? Just to fan the flames for fun and profit? :-( I haven't seen any flames, I've seen them claim they cleaned up, instead of pointing out all their other bad clients, I am asking for a good one. Should be easy enough to manufacture. - Stop. Please. scott
Re: InterCage, Inc. (NOT Atrivo)
On Mon, Sep 8, 2008 at 10:59 AM, Scott Weeks [EMAIL PROTECTED] wrote: --- [EMAIL PROTECTED] wrote: Well, perhaps you can share any information with us on a legitimate client you have? -- Now why do you have to go there? Just to fan the flames for fun and profit? :-( scott Scott, I am unsure how it is fun or profitable to ask this question which has been on everyones mind. I haven't personally seen anything worth noting that wasn't malicious from Intercage or Hostfresh. I can tell you the only thing that was even remotely legitimate from a report of all Hostfresh/Intercage traffic from my network was a couple porn sites. Everything else was malicious communication. I am sure if I looked into it more I could find some exploits related to the sites. Thanks, James
Re: InterCage, Inc. (NOT Atrivo)
When I worked at an ISP I can say that my house was very clean. Takedowns were done in hours and we had a very large customer base. I will take on the clean house topic any time... I have done hundreds if not thousands of takedowns while I have worked at hosting companies, it isn't that hard to keep the house clean. However, what you have said in this topic has not been useful or brought anything that might be interesting to light at all. Please come back when you have something useful or productive to say. Thanks, James On Mon, Sep 8, 2008 at 11:20 AM, Scott Weeks [EMAIL PROTECTED] wrote: --- [EMAIL PROTECTED] wrote: I am sure if I looked into it more I could find some exploits related to the sites. - Why software piracy might actually be good for companies. Folks should clean their own house before pointing fingers at others... scott
RE: InterCage, Inc. (NOT Atrivo)
On Mon, 8 Sep 2008, Randy Epstein wrote: Obviously host lost some money now after buying a provider with a big client that was just depeered, so it is now a financial concern. Gadi. On the floor .. dying here. :) :)
Re: InterCage, Inc. (NOT Atrivo)
I do not think it is appropriate for ISPs to have to prove or demonstrate the legitimacy of their customer base Here is the exact point of contention and the point where I think people disagree. ISPs are the **first** line of defense against malware and badware. They are the ones closest to the customer and best able to whack-a-mole. For those ISPs that do cater to a high proportion of bad actors, I quite rightly want them to demonstrate their legitimacy. By peering with them, there is a trust relationship formed... if there is a question that goes right to the heart of that trust, they ought to answer it, otherwise they ought to be de-peered as well. On Mon, Sep 8, 2008 at 1:25 PM, Matthew Petach [EMAIL PROTECTED] wrote: On 9/8/08, Gadi Evron [EMAIL PROTECTED] wrote: On Sun, 7 Sep 2008, InterCage - Russ wrote: Thank you Russ. That is a great step in the right direction dropping this one client. It is appreciated, although it's just one bad apple on a big tree. However, I don't want to pick on you, so let's reframe the subject: What do you suggest for the next move? Well, perhaps you can share any information with us on a legitimate client you have? I do not think it is appropriate for ISPs to have to prove or demonstrate the legitimacy of their customer base. As a legitimate customer of an ISP, I would be *highly* incensed if my privacy were to be violated simply to provide proof that the ISP had legitimate clients. The notion of innocent until proven guilty I think is a much better model for us to work with. If you find clear miscreants, and have data to back it up, then a call for cleaning up the miscreants is somewhat acceptable, though I worry that we may descend into a witch hunt if this is taken too far to the extreme. However, a call to prove your innocence is entirely uncalled for, and opens ISPs up to being caught on the horns of a very nasty dillemma; either to maintain their customer's privacy, and be labelled as an evil, nasty, non-cooperative provider that must therefore be guilty, by their very dint of failure to prove their innocence; or, reveal their law-abiding, legitimate client information, and and then quickly lose those clients when they realize their records are no longer considered private at that ISP. If you have proof of clients engaging in illegal practices, then it is appropriate to go after those clients. But leave the legitimate clients alone. *putting down his pitchfork and torch, and walking away from the mob* Matt
Re: InterCage, Inc. (NOT Atrivo)
On Mon, 8 Sep 2008, Matthew Petach wrote: On 9/8/08, Gadi Evron [EMAIL PROTECTED] wrote: On Sun, 7 Sep 2008, InterCage - Russ wrote: Thank you Russ. That is a great step in the right direction dropping this one client. It is appreciated, although it's just one bad apple on a big tree. However, I don't want to pick on you, so let's reframe the subject: What do you suggest for the next move? Well, perhaps you can share any information with us on a legitimate client you have? I do not think it is appropriate for ISPs to have to prove or demonstrate the legitimacy of their customer base. As a legitimate customer of an ISP, I would be *highly* incensed if my privacy were to be violated simply to provide proof that the ISP had legitimate clients. What you say in this email makes a lot of sense. Thanks for pointing that out. Not being a lawyer, I think this also makes sense legally (as far as the Britain-like systems go). As to this particular case, I'd be satisfied if I see even just all the fake DNS traffic stop heading their way, anyway. Gadi. The notion of innocent until proven guilty I think is a much better model for us to work with. If you find clear miscreants, and have data to back it up, then a call for cleaning up the miscreants is somewhat acceptable, though I worry that we may descend into a witch hunt if this is taken too far to the extreme. However, a call to prove your innocence is entirely uncalled for, and opens ISPs up to being caught on the horns of a very nasty dillemma; either to maintain their customer's privacy, and be labelled as an evil, nasty, non-cooperative provider that must therefore be guilty, by their very dint of failure to prove their innocence; or, reveal their law-abiding, legitimate client information, and and then quickly lose those clients when they realize their records are no longer considered private at that ISP. If you have proof of clients engaging in illegal practices, then it is appropriate to go after those clients. But leave the legitimate clients alone. *putting down his pitchfork and torch, and walking away from the mob* Matt
Re: InterCage, Inc. (NOT Atrivo)
On Sep 7, 2008, at 4:32 AM, InterCage - Russ wrote: Seeing the activity in regards to our company here at NANOG, I believe this is the most reasonable and responsible place to respond to the current issues on our network. We hope to obtain non-bias opinion's and good honest and truthful information from the users here. Being that there are much larger operators here then us, what kind of insight can you give to the issues that have arisen? We've near completely removed (completion monday 09/08/08) Hostfresh from our network. 2 of their /24's have been removed: 58.65.238.0/24 dropped 58.65.239.0/24 dropped The machine's they leased from us have been canceled. What do you suggest for the next move? A hearty pat on the back for a job well done. -- TTFN, patrick
Re: InterCage, Inc. (NOT Atrivo)
On Sep 7, 2008, at 11:58 AM, Patrick W. Gilmore wrote: On Sep 7, 2008, at 4:32 AM, InterCage - Russ wrote: Seeing the activity in regards to our company here at NANOG, I believe this is the most reasonable and responsible place to respond to the current issues on our network. We hope to obtain non- bias opinion's and good honest and truthful information from the users here. Being that there are much larger operators here then us, what kind of insight can you give to the issues that have arisen? We've near completely removed (completion monday 09/08/08) Hostfresh from our network. 2 of their /24's have been removed: 58.65.238.0/24 dropped 58.65.239.0/24 dropped The machine's they leased from us have been canceled. What do you suggest for the next move? A hearty pat on the back for a job well done. P.S. And removing you from the will _not_ buy from list of providers. -- TTFN, patrick