We have removed that customer as you you have seen, therefore we
actually solved this case.
Regarding the CodeVest thing: The fact that both sites are hosted on the
same server does not mean that there is a direct link between these
projects.
This statement is simply not correct to put it mildly!
When we contacted you regarding C2 of Netwire malware you replied and I
quote: "To make long things short: Because we have no logs, there isn't
much we can do in order to solve this case."
Tonu
CERT-EE
On 10.07.2020 13:07, i...@fos-vpn.org
>In message <20b290b5003cafb91745b7db6d31c...@fos-vpn.org>, info@fos-
>vpn.org writes
[various message about abuse issues around VPNs without logging]
In message , Richard Clayton
writes
>I can understand the attractions to you of that business model.
List readers may be interested in
So you're ignoring abuse reports from other network operators?
Or do you mean that you view reports from a CERT as being the only type of
report you'll take seriously?
--
Mr Michele Neylon
Blacknight Solutions
Hosting, Colocation & Domains
https://www.blacknight.com
https://blacknight.blog
In message <20b290b5003cafb91745b7db6d31c...@fos-vpn.org>, info@fos-
vpn.org writes
>To answer your last question: If we receive a valid abuse report i.e.
>from a CERT we temporarily close the regarding Port on the particular
>IP.
For clarity (and I appreciate that English is probably not your
To answer your last question: If we receive a valid abuse report i.e.
from a CERT we temporarily close the regarding Port on the particular
IP.
If the customer then starts to complain we send him a copy of the report
and point out that another violation of our ToS will result in a
termination
Yes we have:
Prohibited Activities
We prohibit the use of any of our services in any of the following ways:
* Spamming (e-mail, Usenet, message boards, etc.)
* Copyright, trademark, and patent infringement.
* Defamatory or abusive language
* IP Spoofing
* Illegal or unauthorized access to
> Getting back to your street example. We -just like the police- are
> unable to watch the streets 24/7/365 for a potential bank robber
> traversing the street
or more like the police here in the states seem unable to police
themselves internally for fascist racist murderers.
Getting back to your street example. We -just like the police- are
unable to watch the streets 24/7/365 for a potential bank robber
traversing the street. Assuming that we lease the street and let others
use it openly, we can only do our best to keep miscreants off it. It is
however not a
On 09.07.20 19:52, i...@fos-vpn.org wrote:
> Yes, VPN services can be used for unlawful activities such as Tor Exit
> Nodes or public WiFi Hotspots; that lies in the nature of things.
> However we believe that most of our customers behave behave in a
> responsible fashion and respect the laws
Hi,
On Thu, Jul 09, 2020 at 07:52:44PM +0200, i...@fos-vpn.org wrote:
> Yes, VPN services can be used for unlawful activities such as Tor Exit
> Nodes or public WiFi Hotspots; that lies in the nature of things.
> However we believe that most of our customers behave behave in a
> responsible
I've trouble to understand why you see "sharing info or files with information
of abuse records", is a legal penalty. The only "penalty" (filtering) is
imposed by other folks using those files and taking their own decision.
If they are doing anything wrong against the law, Andorra is not a safe
Sorry, but only legal entities have the right to impose penalties, not
privately owned companies.
Spamhaus behaves as if they would be executive, legislative and
judiciary at once.
They immunize itself against legal actions by moving their headquarters
outside the EU.
Furthermore, they violate
On Thu, 9 Jul 2020, 18:36 , wrote:
>
> Those "Escalation Listings" cause big problems and there is no
> independent board of arbitration which could bring a solution in such
> cases.
>
You already admitted you're providing services to users that don't obey
your ToS, and who are involved in
Please don't argue with each other.
I always seek for diplomatic solutions.
I never said that everything what Spamhaus did in the past was wrong.
They might have done a good job in fighting SPAM, but what we
experienced in recent years was that Spamhaus attacked various hosting
and upstream
of Serge Droz
via anti-abuse-wg
Sent: Thursday 9 July 2020 14:32
To: anti-abuse-wg@ripe.net
Subject: Re: [anti-abuse-wg] Fwd: Re: botnet controllers
CAUTION[External]: This email originated from outside of the organisation. Do
not click on links or open the attachments unless you recognise
*From:* anti-abuse-wg on behalf of
> Michele Neylon - Blacknight
> *Sent:* Thursday, July 9, 2020 4:02 PM
> *To:* Serge Droz ; anti-abuse-wg@ripe.net
>
> *Subject:* Re: [anti-abuse-wg] Fwd: Re: botnet controllers
>
> +1 on all points
>
> That someone who won't e
+1 on all points
That someone who won't even disclose who they are has the gall to demand that
Spamhaus or anyone else should is hilarious and disturbing.
--
Mr Michele Neylon
Blacknight Solutions
Hosting, Colocation & Domains
https://www.blacknight.com
https://blacknight.blog /
, No. 275301. CRA No. 20036270
From: anti-abuse-wg on behalf of Angel
Fernandez Pineda
Sent: Thursday 9 July 2020 08:16
To: anti-abuse-wg@ripe.net
Subject: Re: [anti-abuse-wg] Fwd: Re: botnet controllers
CAUTION[External]: This email originated from outside
> *Enviado:* jueves, 9 de julio de 2020 8:29
> *Para:* anti-abuse-wg@ripe.net
> *Asunto:* Re: [anti-abuse-wg] Fwd: Re: botnet controllers
>
> Hi Info
>
> Maybe one of the reasons some Non-logging VPNs end up on blacklist sis
> that the Non-Looging phrase is just an excuse t
julio de 2020 8:29
Para: anti-abuse-wg@ripe.net
Asunto: Re: [anti-abuse-wg] Fwd: Re: botnet controllers
Hi Info
Maybe one of the reasons some Non-logging VPNs end up on blacklist sis
that the Non-Looging phrase is just an excuse to not go after misuse.
The rights to privacy and free speech do
Hi Info
Maybe one of the reasons some Non-logging VPNs end up on blacklist sis
that the Non-Looging phrase is just an excuse to not go after misuse.
The rights to privacy and free speech do not mean anything goes.
You can fight abuse without violating privacy. But of course that's not
for free,
and as I said to you in the email, it is great that you are running a
totally free VPN service with no money or income from it, so that if the
customers don't pay you then you would have no way of stopping them from
accessing it.
... or are you?
On 9/07/2020 4:46 am, i...@fos-vpn.org
If I found that any of your IP addresses is abusing my networks, I've the
perfect right to black list your entire network and even more, make my decision
public, so others can follow my advice. Specially if you don't take measures to
log your network (despite is legally mandatory or not) and
If you can demonstrate that those are fake reports, then you have a base for a
court claim, even in Andorra.
LEA has the responsibility to investigate and find the real people behind that.
El 8/7/20 20:42, "anti-abuse-wg-boun...@ripe.net en nombre de
i...@fos-vpn.org" escribió:
All I
If Spamhaus lists our prefixes on EDROP it's their decision, we have to
live with that, but they don't have the right to blacklist clean
prefixes of hosting providers which host our service, because that is a
form of punishment.
Spamhaus is no legal entity and does therefore not have the right
On Wed, 8 Jul 2020, 15:47 , wrote:
>
> It is true that VPN services which don't log any user activities attract
> people with bad intentions and believe me: We are not happy about that
> either...but we have to live with that
As per your own admission, you have to live with people abusing your
I would not be so quick in judging Spamhaus to be evil or even worse,
illegal.
We've encountered C2s (malware control server) which are pure evil and
illegal in most countries but running over VPNs. Having a VPN service
provider who claims not being able to stop service for the customer who
is
All I would like from Spamhaus is to stop publishing fake SBL records in
order to discredit us and to use that to put pressure both upon us and
our upstreams.
Non-logging VPN services are as legal within the EU as Exit Nodes of the
Tor Network (which have massive abuse entries in various data
dear info:
> When you run a VPN service it simply lies in the nature of things that
> some miscreants buy accounts which lead to various types of
> complaints.
> Our principle is not to serve the bad, but the good!
reasonable. probably not easy to tell the good from the bad.
> Our removal
If I'm listing /24s, instead of addresses, and I clearly state, "within this
/24 the following IP addresses have been reported as abusers" and probably
other information such as "they do not resolve the abuse cases/they are
responding efficiently, etc.", I don't think there is anything wrong.
@Jordi Palet Martinez: If Spamhaus would just list IP addresses we
wouldn't mind that. The reality is different though.
We brought a /24 prefix to a certain hosting provider which I don't want
to name here and a few weeks after that Spamhaus listed the other clean
prefixes of that company
In a couple of occasions (many years ago), some of the IPs under my
responsibility, were listed at spamhaus. I contacted them and got delisted, no
problem. Of course, after that I took measures so my IP addresses are never
involved even by accident, in any "bad" activity: it is my duty.
My
Please allow me to comment on this on behalf of the VPN services
affected by the accusations:
https://www.ripe.net/participate/mail/forum/anti-abuse-wg/PDRhZGNmYmVmLTNmMmYtNjQ2ZC1iOTMzLWNhY2RkMDEyOGU0M0BzdG9yZXkub3ZoPg==
When you run a VPN service it simply lies in the nature of things that
Hi {Firstname},
Discussion usually happens before we get to a policy proposal.
If you have a policy ready to propose then please feel free to send it
and we can base a discussion around that.
Thanks,
Alistair
On 25/06/2020 10:56, PP wrote:
> I see a lot of discussion, but no formal policy
I see a lot of discussion, but no formal policy proposal.
On 25/06/2020 7:23 pm, Serge Droz via anti-abuse-wg wrote:
On 25.06.20 10:22, PP wrote:
Perhaps a code of conduct, with de-registration of resources if the
entity does not comply, and enforcement costs to be levied against the
annual
On 25.06.20 10:22, PP wrote:
> Perhaps a code of conduct, with de-registration of resources if the
> entity does not comply, and enforcement costs to be levied against the
> annual fee imposed for the registering of IP resources.
>
I'm all in favour, but I'm afraid we've had this discussion
Perhaps a code of conduct, with de-registration of resources if the
entity does not comply, and enforcement costs to be levied against the
annual fee imposed for the registering of IP resources.
On 25/06/2020 5:45 pm, Serge Droz via anti-abuse-wg wrote:
Hi whoever you are,
(typically it's
Hi whoever you are,
(typically it's not a good sign, if you need hide behind an anonymous
alias).
I think the comparison to phone numbers is bad, that area is plagued by
very similar issues. But I get you point.
I think it's not feasible that you need to somehow proof you are
legitimate, the
Firstly, reporting it to the LEO does not cause the resources to be
de-registered.
Secondly, your example regarding IPv6 is another reason why this
approach is not sufficient: there are
340,282,366,920,938,000,000,000,000,000,000,000,000 possible IPv6 addresses.
It should be that the
So who at RIPE is responsible for allocating this resource, and what
policy can be introduced to prevent the allocation of IP address
resources to irresponsible organizations like this one?
SpamHaus have it listed as the worlds number one source of spam:
We've had similar experience with this VPN provider.
He claims not being able to track malicious actor is for the benefit of
free speech but when malware is used to attack people who express free
speech he did not understand that his service is not contributing
towards free speech but hinders it.
Botnet controllers on VPN provider that refuses to act:
organisation: ORG-SL751-RIPE
org-name: Freedom Of Speech VPN
org-type: OTHER
address: P.O. Box 9173
address: Victoria
address: Mahe Island
address: Seychelles
43 matches
Mail list logo