Re: FCC fines for unauthorized carrier changes and consumer billing

On Fri, 23 Apr 2021, Eric Kuhnke wrote: Did the FCC ever collect its $50 million from "Sandwich Isles Telecommunications" for blatant fraud? At this scale I wonder how or why certain people are not in federal prison. FCC is not law enforcement. The FTC can send people to prison. The FCC can

Re: Malicious SS7 activity and why SMS should never by used for 2FA

paypal used to openly support token 2fa, but have since made it nearly impossible to use hardware tokens. they try very hard to ram sms down everyones throats. -Dan On Sun, 18 Apr 2021, Mel Beckman wrote: No, every SMS 2FA should be prohibited by regulatory certifications. The telcos had

Re: Parler

On Mon, 11 Jan 2021, h...@interall.co.il wrote: I would assume Google and Azure would act the same to Parler. So what will end up happening is that US based fringe content will end up being hosted in China or Russia, and Chinese and Russian fringe content will end up being hosted in the USA.

Re: Parler

On Sun, 10 Jan 2021, Michael Thomas wrote: On 1/10/21 3:15 PM, Izaac wrote: On Sun, Jan 10, 2021 at 12:01:46PM -0800, Michael Thomas wrote: Considering that it seems that there continues to be talk/planning of armed insurrection, I think we can forgive them for violating professional

Re: A letter from the CEO

On Fri, 20 Nov 2020, Grant Taylor via NANOG wrote: On 11/20/20 4:41 PM, Matt Erculiani wrote: Ben is fairly regular on this list and I can't imagine she did this on purpose. How does one /accidentally/ harvest email addresses and /accidentally/ add them to a Mailchimp list and /accidentally/

Re: Abuse Desks

On Tue, 28 Apr 2020, Matt Corallo wrote: Sadly dumb kids are plentiful. If you have to nag an abuse desk every time they sell a server to a kid who’s experimenting with nmap for the first time then we’ll end up exactly where we are - abuse contacts are not a reliable way to get in touch

Re: Abuse Desks

On Tue, 28 Apr 2020, Matt Corallo via NANOG wrote: Please don't use this kind of crap to send automated "we received 3 login attempts on our SSH box..wa" emails. This is why folks don't have abuse contacts that are responsive to real issues anymore. Thats what SBL is for. -Dan

Re: Phishing and telemarketing telephone calls

On Sun, 26 Apr 2020, Michael Thomas wrote: On 4/25/20 10:23 AM, Anne P. Mitchell, Esq. wrote: So, harass those phone spammers for fun *and* profit! ;-) Here's the write-up I did, feel free to ask me any questions you may have. :-) What exactly is this "basic internet research"? I thought the

Re: Constant Abuse Reports / Borderline Spamming from RiskIQ

On Mon, 13 Apr 2020, Kushal R. wrote: As far as that tweet is concerned, it???s pending for 16 days because they have been blocked from sending us any emails due to the sheer amount of emails they started sending and then our live support chats. This is not an acceptable answer. -Dan

Re: FCC and FTC Demand Cut-Off Robercallers of Coronavirus Scams

Sadly I've discovered that >95% of scammers have caught on to lenny by now, and hang up within the first few seconds of hearing him. I guess they've been thoroughly lenny'd already so he's no longer effective. -Dan On Fri, 3 Apr 2020, JASON BOTHE via NANOG wrote: I just need my phone to

Re: AFRINIC: The Saga Continues

On Wed, 29 Jan 2020, Ronald F. Guilmette wrote: In all cases noted below, the networks in question are unambiguously routing IP blocks that were obtained, in the first instance, via thefts perpetrated by one or more AFRINIC insiders and then resold on the black market in secretive deals. What

ICANN extracts $20m signing fee for $1bn dot-com price increases and guess who's going to pay for it?

https://www.theregister.co.uk/2020/01/07/icann_verisign_fees/ 98% of the comments were opposed. How many / which companies would have to get onboard in order to get enough support for an icann alternative? Is such a thing even feasible? -Dan

Re: power to the internet

Nothing. It is extremely cheap, extremely durable, and nearly 100% recyclable. All the things lithium is not. The only thing is lead acid is not power dense, but that is not generally a problem at sites. -Dan On Sat, 28 Dec 2019, Baldur Norddahl wrote: What is wrong with lead acid

Re: FCC proposes $10 Million fine for spoofed robocalls

On Fri, 20 Dec 2019, Mike Hammett wrote: So send them all to Lenny? I wish there was a phone app to do this. -Dan

Re: FCC proposes $10 Million fine for spoofed robocalls

On Thu, 19 Dec 2019, Paul Timmins wrote: The people handling these calls know exactly who their customers are, yep and they'd remove them in hours if a legal mandate came down to provide passthrough penalties for providing service to these people. the only penalties that would motivate

RE: FCC proposes $10 Million fine for spoofed robocalls

Fact is the telcos make lots of money off spoofed robocalls so they have zero incentive to stop the practice. -Dan On Thu, 19 Dec 2019, Keith Medcalf wrote: "CallerID" is a misnomer. It is actually the "Advertized ID". However, the telco's realized you would not pay to receive

RE: New Alaskan Network

The verge is garbage. That is all. -Dan On Fri, 25 Oct 2019, Keith Medcalf wrote: Bwahahahaha! It is internally inconsistent. Perhaps this is just shoddy reporting, or perhaps the whole thing is just someone's idea of a wet dream. "The line will begin in North Pole, Alaska and will travel

Re: User Unknown (WAS: really amazon?)

On Mon, 12 Aug 2019, Bruce H McIntosh wrote: On 8/12/19 3:26 PM, Rich Kulawiec wrote: Half my grump with Amazon here is that they have, for all practical purposes, unlimited money and unlimited personnel. They should be the go-to example for How To Do It Right. They should be the model (or

Re: What can ISPs do better? Removing racism out of internet

On Tue, 6 Aug 2019, Rob McEwen wrote: I'm so tired of this thread - but the bottom line is that censorship and even the definition of "hate" and "racism" (especially when used in the vernacular!) are extremely subjective and can lead to situations where reasonable people disagree. And if/when

Re: really amazon?

t the deal is than “Really, amazon?” -mel On Jul 29, 2019, at 4:03 PM, Dan Hollis wrote: Amazon, you really should know better. Source ip: 54.240.4.4 https://search.arin.net/rdap/?query=54.240.4.4 Source Registry ARIN Kind Group Full Name Amazon SES Abuse Handle ASA152-ARIN Email email-ab...@

really amazon?

Amazon, you really should know better. Source ip: 54.240.4.4 https://search.arin.net/rdap/?query=54.240.4.4 Source Registry ARIN Kind Group Full Name Amazon SES Abuse Handle ASA152-ARIN Email email-ab...@amazon.com RCPT To: <<< 550 #5.1.0 Address rejected. 550 5.1.1 ... User unknown DATA

Re: SHAKEN/STIR Robocall Summit - July 11 2019 at FCC

On Tue, 16 Jul 2019, Michael Thomas wrote: But right you are, it's ultimately the carrier who needs to care about this problem at or nothing gets better. either the carrier starts dealing with it or legislation will come down to force the issue. -Dan

Re: Russian Anal Probing + Malware

On Sun, 23 Jun 2019, Randy Bush wrote: It's just a port/vulnerability scanner, I really don't see anything special about this particular case. they are pushing exploits. trying to RCE, wget a binary, chmod 777 on routers and rm -rf files. this goes way beyond scanner and into criminal trespass

Re: Russian Anal Probing + Malware

On Sat, 22 Jun 2019, Filip Hruska wrote: It's just a port/vulnerability scanner, I really don't see anything special about this particular case. they are pushing exploits. trying to RCE, wget a binary, chmod 777 on routers and rm -rf files. this goes way beyond scanner and into criminal

Re: PSA: change your fedex.com account logins

of work. Targeted attacks are a thing. On Fri, May 31, 2019 at 2:53 AM Mike Hale wrote: Oh for fucks sake. Really? You two are questioning someone who subscribes to Nanog over Fedex? You really think it's more likely that someone is targeting Dan Hollis (whoever he is) instead of Fedex leaving

Re: PSA: change your fedex.com account logins

where are you entered the login information for your Fed ex account. On May 30, 2019, at 4:12 PM, Dan Hollis wrote: I received a credit card scam addressed to my one-off unique address registered to fedex.com. So it seems fedex.com user database has been compromised. Change your logins asap

PSA: change your fedex.com account logins

I received a credit card scam addressed to my one-off unique address registered to fedex.com. So it seems fedex.com user database has been compromised. Change your logins asap. -Dan

Re: 29 May 2019: Emotet malspam: 'Mykolab Ref Id: I32560' [Was: Re: Spamming of NANOG list members]

On Wed, 29 May 2019, Paul Ferguson wrote: AS | IP | AS Name 14061 | 68.183.65[.]234| DIGITALOCEAN-ASN - DigitalOcean, LLC, US (shared hosting) 16276 | 158.69.127[.]22| OVH, FR (shared hosting) 51167 | 173.249.2[.]31 | CONTABO, DE (shared hosting) 46475 |

attempted archive.is hijacking

https://twitter.com/archiveis/status/1081276424781287427 Wonder what tactic the hijackers are using, and if it would work with any registrar - or if there is something specific about isnic that allows it to happen. -Dan

Re: Extending network over a dry pair

headend maybe adds a mile or less, it's on the route and about half way through. I made it 6 miles to be safe. We currently can pull a full 1.5Mbps off of that T1 we run there so perhaps CenturyLink is repeating at their CO and/or along the route? On Wed, Dec 12, 2018 at 6:32 PM Dan Hollis wrote

Re: Extending network over a dry pair

uck. Tim On 12/12/18 5:00 PM, Dan Hollis wrote: On Wed, 12 Dec 2018, Nick Bogle wrote: A quick question for you guys; If you had a single dry pair (pair of copper wires originally for phones) to a remote site that was around 6 miles away, what would you use? We currently are just extending a

Re: Extending network over a dry pair

On Wed, 12 Dec 2018, Nick Bogle wrote: A quick question for you guys; If you had a single dry pair (pair of copper wires originally for phones) to a remote site that was around 6 miles away, what would you use? We currently are just extending a T1 line to this site, but 1.5Mbps isn't cutting it

Re: Oracle abuse contact

Contact some DNSBLs? Sometimes it takes 550 responses to all their smtp connections for them to wake up from their slumber. -Dan On Fri, 9 Nov 2018, David Shaw wrote: Hi, I could really use some help reaching someone at Oracle for a spam problem coming from 129.145.16.122. I've sent

Re: unwise filtering policy on abuse mailboxes

24, 2018 at 04:19:22PM -0700, Dan Hollis wrote: can we please just stop this nonsense? ip under your direct control originates sewage. you should accept reports as-is. requiring victims of your sewage to go through special contortions to report it to you is not acceptable. - The following

unwise filtering policy on abuse mailboxes

can we please just stop this nonsense? ip under your direct control originates sewage. you should accept reports as-is. requiring victims of your sewage to go through special contortions to report it to you is not acceptable. - The following addresses had permanent fatal errors -

looking for collaborating data for phishing email

Anyone who recently received the following phishing email, please drop me an email. I'm looking for collaborating data on an email database breach. Date: Wed, 18 Jul 2018 06:36:19 -0400 Return-Path: Received: from amp3.nuskin.com (amp3.nuskin.net [170.89.24.19] (may be forged)) From: American

Re: AS3266: BitCanal hijack factory, courtesy of Cogent, GTT, and Level3

On Tue, 26 Jun 2018, Suresh Ramasubramanian wrote: "we are not the internet police" right? ( Indeed. Aid and abet would be a more accurate description. -Dan

Re: ICANN GDPR lawsuit

On Mon, 4 Jun 2018, Rubens Kuhl wrote: On Fri, Jun 1, 2018 at 1:56 AM, Hank Nussbacher wrote: Usually, identifying attackers at other online services is a duty on RIR directories, and even the RIPE one is not suffering that many changes due to GDPR. Also, GDPR doesn't prevent law enforcement

Re: ICANN GDPR lawsuit

On Thu, 31 May 2018, b...@theworld.com wrote: FWIW a German court has just ruled against ICANN's injunction and in favor of Tucows/EPAG. https://www.icann.org/news/announcement-4-2018-05-30-en Welcome to contact-free whois? -Dan

ICANN GDPR lawsuit

http://www.circleid.com/posts/20180527_icann_files_legal_action_against_domain_registrar_whois_data/ -Dan

Re: Whois vs GDPR, latest news

On Sat, 26 May 2018, Royce Williams wrote: Naively ... to counter potential panic, it would be awesome to crowdsource some kind of CC-licensed GDPR toolkit for small orgs. Something like a boilerplate privacy policy (perhaps generated by answers to questions), plus some simplified checklists,

Re: Whois vs GDPR, latest news

On Sat, 26 May 2018, Seth Mattinen wrote: On 5/24/18 4:21 PM, Anne P. Mitchell Esq. wrote: Actually, GDPR specifically requires processors to include statements of compliance right in their contracts; we also strongly recommend that controllers insist on indemnification clauses in their

Re: Whois vs GDPR, latest news

On Wed, 23 May 2018, Owen DeLong wrote: On May 23, 2018, at 08:53, John Levine wrote: If they try to sue in, say, US courts, the US court will ask them to explain why a US court should try a suit under foreign law. There is a very short list of reasons to do that, and this

Re: Whois vs GDPR, latest news

On Tue, 22 May 2018, Jimmy Hess wrote: Perhaps it's time that some would consider new RBLs and Blackhole feeds based on : Domains with deliberately unavailable WHOIS data. How about the ones with broken contact data - deliberately or not? A whois blacklist sounds good to me. DNS WBL?

Re: Re: New Active Exploit: memcached on port 11211 UDP & TCP being exploited for reflection attacks

On Wed, 28 Feb 2018, Filip Hruska wrote: What exactly should they do, according to you? read and act on abuse reports. Why should people de-peer them? because they ignore abuse reports. -Dan

Re: New Active Exploit: memcached on port 11211 UDP & TCP being exploited for reflection attacks

OVH does not suprise me in the least. Maybe this is finally what it will take to get people to de-peer them. -Dan On Tue, 27 Feb 2018, Ca By wrote: Please do take a look at the cloudflare blog specifically as they name and shame OVH and Digital Ocean for being the primary sources of mega

Re: Attacks from poneytelecom.eu

On Thu, 4 Jan 2018, William Herrin wrote: On Thu, Jan 4, 2018 at 11:48 AM, Michael Crapse wrote: I've never dealt with a support queue that resolved the issue faster than a direct contact. I've never dealt with a support queue that's more competent than the last direct

Re: Attacks from poneytelecom.eu

On Thu, 4 Jan 2018, valdis.kletni...@vt.edu wrote: On Thu, 04 Jan 2018 09:33:51 -0500, William Herrin said: Why anyone thinks it's acceptable for the form submission to vanish in to the faceless support queue is more of a quandary. The form submission should provide a case number, the

Re: Attacks from poneytelecom.eu

On Wed, 3 Jan 2018, Dovid Bender wrote: On Wed, Jan 3, 2018 at 2:47 AM, Mickael Marchand wrote: Hi Dovid, Just fill in our abuse form at https://abuse. online.net I have no idea why anyone thinks it is acceptable to require victims to fill

Re: For the Wireless Guys

Good for a few meters at best? Terahertz is blocked by air. -Dan On Mon, 14 Aug 2017, Rod Beck wrote: https://phys.org/news/2017-08-transmission-terahertz-multiplexer.html Roderick Beck Director of Global Sales United Cable Company DRG Undersea Consulting Affiliate Member

Re: Contact at Orange?

On Thu, 3 Aug 2017, Benoit Panizzon wrote: Apparently this was not their problem. As long as the money's green? -Dan

Re: Vendors spamming NANOG attendees

On Tue, 20 Jun 2017, Rod Beck wrote: And how do you tell if an address was scraped or not? There are databases and zillions of other ways of gaining addresses. One-off addresses. I've used it numerous times to catch the origin, companies like Roland Corporation either leaking databases or

Re: Vendors spamming NANOG attendees

On Wed, 14 Jun 2017, b...@theworld.com wrote: Merely deciding not to patronize them may not be sufficient and that's why we make that sort of thing just outright illegal rather than hope market forces will suffice. Most spam is sent from compromised machines anyway, so there are already

Re: Vendors spamming NANOG attendees

On Tue, 13 Jun 2017, Mike Hammett wrote: I think it would too subject to wild variance in what someone views as bad. Actual SPAM (viagra, Nigerian prices, etc.), of course. Industry-related SPAM, probably. Targeted marketing (looking for someone at Facebook, seeing someone from Facebook and

Re: Vendors spamming NANOG attendees

It's funny to see all this apologia for nanog spammers and attempts to normalize the practice and brush it off as acceptable or unavoidable, especially after the "omg evil politicans voted to rollback fcc privacy rules and let companies sell your data" derpy derp thread. You can't have it

competent earthlink abuse contact please

A competent earthlink abuse contact please? I am getting the runaround from people who are unable to read headers. -Dan

Re: EFF Call for sign-ons: ISPs, networking companies and engineers opposed to FCC privacy repeal

Why aren't _ALL_ consumer privacy regulations managed by the FTC? Why is the FCC needed here? -Dan On Wed, 29 Mar 2017, Mark Radabaugh wrote: On Mar 29, 2017, at 9:59 AM, Joe Loiacono wrote: Lowering barriers to entry is where the next political focus should be. Joe

Re: Should abuse mailboxes have quotas?

On Thu, 27 Oct 2016, Jimmy Hess wrote: On Thu, Oct 27, 2016 at 1:35 PM, Dan Hollis <goe...@sasami.anime.net> wrote: not so much malice as gross incompetence. running spamfilters on your abuse@ mailbox, really? that is, for those which actually have an abuse mailbox that doesn't bounce ou

Re: Should abuse mailboxes have quotas?

On Thu, 27 Oct 2016, Steve Atkins wrote: If mail to abuse@ doesn't bounce, give them the benefit of the doubt until statistics say otherwise. I give them a couple weeks/months. The vast majority of them ignore, and allow the abuse to continue. It's amazing how quickly they respond when they

Re: Should abuse mailboxes have quotas?

On Thu, 27 Oct 2016, Christopher Morrow wrote: On Thu, Oct 27, 2016 at 11:03 AM, Stephen Satchell wrote: I'm tired of blatantly uncaring administrations. it's also totally possible that in some cases the mailbox for abuse@ got moved behind some orgs other mail systems...

Re: EVERYTHING about Booters (and CloudFlare)

On Wed, 27 Jul 2016, b...@theworld.com wrote: There isn't even general agreement on whether (or what!) Cloudfare is doing is a problem. aiding and abetting. at the very least willful negligence. -Dan

Re: de-peering for security sake

On Sun, 17 Jan 2016, Doug Barton wrote: On 1/17/2016 12:44 PM, b...@theworld.com wrote: We need an effective forum with effective participation perhaps eventually leading to signed contractual obligations agreed to by all parties. Not gonna help. The same people who have no incentive to do the

Re: de-peering for security sake

On Sun, 17 Jan 2016, b...@theworld.com wrote: Sure, you have your hands on BGP etc, so what router commands (hammer) can effect international policy (nail)? This is fundamentally a social and political issue and needs to be dealt with on that level, not with changes in router configs. bgp

Re: verizon fios bounced a legit private email of mine telling me it was spam and they would not allow it

This is what's going on at verizon. http://www.spamhaus.org/news/article/726/ -Dan On Wed, 13 Jan 2016, Gordon Cook wrote: dear Nanog Sorry to bother you, I am sitting here in shock, I have been a Verizon to FiOS customer for about the past six years at least I think maybe eight.

Re: verizon fios bounced a legit private email of mine telling me it was spam and they would not allow it

complacency. it's a winning formula. -Dan On Thu, 14 Jan 2016, Christopher Morrow wrote: '4 MILLION IP ADDRESSES!!!' On Wed, Jan 13, 2016 at 4:55 PM, Dan Hollis <goe...@sasami.anime.net> wrote: This is what's going on at verizon. http://www.spamhaus.org/news/article/726/ -Dan On W