VPN-enabled advance fee fraud

Nutshell version: a group of criminals who appear to be in Mexico have created an entire fake law firm and deal flow in the U.S., with Photoshopped notary seals and wire instructions. They reportedly use ExpressVPN-- the owner of the IP block used by the suspects states that it leased the IP

Survey on DNS resolver operations and DNSSEC

Hi everyone, The DNS Security Extensions (DNSSEC) add integrity and authenticity to the Domain Name System (DNS). Now, more than 17 years after their standardization, we would like to hear from DNS recursive resolver operators about their experience with DNSSEC. For this reason, we have set up a

Standards Compliant Mail Client Re: V6 still not supported Re: 202203211201.AYC

Hi, Blake: 1)    " so it's not a chore to tell what thread you're even replying to?   ":    I am lost by your statement. I start each of my reply by quoting a phrase or sentence of the message that I am responding to. To be sure the original message in included, I copy the last message

RE: V6 still not supported

Hi all, Hierarchical addressing when the small zone has a smaller address size, but the bigger zone has a bigger address size Does not make too much sense. Indeed, it is possible to increase the source address from 32bits to something bigger when the packet would go out of the small zone (and

A quick note of appreciation

I've occasionally posted to this list, but mostly take a seat in the audience. *** And what a show this is! *** First-class technical discussions, updated news, timely responses. God bless NANOG, and may this community keep up its invaluable contribution to networking, and thereby, to all of

Re: Standards Compliant Mail Client Re: V6 still not supported Re: 202203211201.AYC

On 3/21/22 10:21 AM, Abraham Y. Chen wrote: 1)    " so it's not a chore to tell what thread you're even replying to?   ":    I am lost by your statement. Abe, all of your replies that I've seen in the past few days have been brand new threads (or possibly replies to yourself). None of your

Re: VPN-enabled advance fee fraud

On 3/21/22 11:30 AM, TJ Trout wrote: We have carefully engineered our apps and VPN servers to categorically eliminate sensitive information. As a result, ExpressVPN can never be compelled to provide customer data that does not exist. I understand and appreciate your architecture. However,

Re: VPN-enabled advance fee fraud

On 3/21/22 11:00, Grant Taylor via NANOG wrote: ded. What will ExpressVPN do regarding /established/ connections?  I would expect that network flows / netstat / etc. could provide some information for current, established, and ongoing. If their intent is not to have data available for

Re: Standards Compliant Mail Client Re: V6 still not supported Re: 202203211201.AYC

On 3/21/22 1:57 PM, Grant Taylor via NANOG wrote: > Glancing at the headers, it appears as if NANOG is hosted on a Mailman > mailing list. As such, I believe that you could change your > subscription to use MIME formatted digest, which should include more > proper RFC-822 copies of the

Re: Standards Compliant Mail Client Re: V6 still not supported Re: 202203211201.AYC

On Mon, Mar 21, 2022 at 9:22 AM Abraham Y. Chen wrote: > 1)" so it's not a chore to tell what thread you're even replying to? ": >I am lost by your statement. I start each of my reply by quoting a phrase > or sentence of the message that I am responding to. You've created 18 mail

Re: VPN-enabled advance fee fraud

On 3/19/22 21:23, Andrew G. Watters wrote: Nutshell version: a group of criminals who appear to be in Mexico have created an entire fake law firm and deal flow in the U.S., with Photoshopped notary seals and wire instructions.  They reportedly use ExpressVPN-- the owner of the IP block used by

Re: V6 still not supported

On 20 Mar 2022, at 5:09 AM, Masataka Ohta wrote: > > However, as William Allen Simpson wrote: > >> Then, the powers that be declared that IPv6 should have 128-bit >> addresses, and a host of committees were setup with competing CLNP >> (TUBA) co-chairs. They incorporated many ideas of CLNP and

Re: V6 still not supported

Owen DeLong via NANOG writes: > Virtually every useful flow of packets in one direction requires a > relatively symmetrical flow of packets in the other direction. Packet captures are useful without anything being returned. It's not uncommon to use some sort of unidirectional tunnel to

Re: VPN-enabled advance fee fraud

On 3/21/22 12:56 PM, Jay Hennigan wrote: If their intent is not to have data available for analysis, and it sure sounds like it is, they aren't going to log flows or netstat. Data will be in RAM during the TCP session, then poof. I largely agree regarding persistent storage. However, that

Re: VPN-enabled advance fee fraud

ExpressVPN does NOT and WILL NEVER log: IP addresses (source or VPN) Browsing history Traffic destination or metadata DNS queries We have carefully engineered our apps and VPN servers to categorically eliminate sensitive information. As a result, ExpressVPN can never be compelled to provide

Re: IPv6 "bloat"

> On Mar 20, 2022, at 22:41, Masataka Ohta > wrote: > > Michael Thomas wrote: > >> So out of the current discussions a lot of people have claimed that ipv6 is >> bloated or suffers from second system syndrome, etc. > > IPv6 optional header chain, even after it was widely recognized > that

Re: Making Use of 240/4 NetBlock Re: 202203210955.AYC

Hi, Randy: Great analogy. Regards, Abe (2022-03-21 15:30) -- NANOG Digest, Vol 170, Issue 23 Message: 12 Date: Mon, 21 Mar 2022 03:08:55 -0700 From: Randy Bush To: Joe Maimon Cc: North American Network Operators' Group Subject: Re: Making Use of 240/4 NetBlock

Re: Making Use of 240/4 NetBlock Re: 202203210957.AYC

Dear John: 1)    "  ... everyone, said it's a foolish idea ... ":     Oh, "everyone", really? Are you sure? Please name a couple who expressed their judgments based on */facts/*. Otherwise, you may be fooling everyone with rumors to perpetuate a myth. 2)    By the way, through constructive

Re: VPN-enabled advance fee fraud

of course, jay is right (in the US, anyway). vpn providers often keep the (verified) email address and ip addresses used for service establishment. expressVPN takes bitcoin and what look to me like several other anonymous payment schemes, and there are always prepaid debit cards. following the

Re: Making Use of 240/4 NetBlock Re: 202203210953.AYC

Hi, Joe: 1)    "... how the IETF ivory tower residents likes to try and suppress debate, ...  ":   Interesting metaphor. Along this line, I wonder whether those bouncers on the draw bridge realize that technology has advanced to the point that there are other ways to get around the road

Re: VPN-enabled advance fee fraud

What if they're actively connected and you get a subpoena? On Mon, Mar 21, 2022 at 1:30 PM TJ Trout wrote: > ExpressVPN does NOT and WILL NEVER log: > IP addresses (source or VPN) > > Browsing history > > Traffic destination or metadata > > DNS queries > > We have carefully engineered our apps

Re: VPN-enabled advance fee fraud

On Mon, Mar 21, 2022 at 10:33 AM TJ Trout wrote: > ExpressVPN does NOT and WILL NEVER log: > IP addresses (source or VPN) > > Browsing history > > Traffic destination or metadata > > DNS queries > > We have carefully engineered our apps and VPN servers to categorically > eliminate sensitive

Re: V6 still not supported

At the IP level, packets are stateless. This means that there is no such thing as a “unidirectional” flow of packets. Virtually every useful flow of packets in one direction requires a relatively symmetrical flow of packets in the other direction. Thus, even if you can “increase the size of

Re: V6 still not supported

On 21 Mar 2022, at 12:42 PM, John Curran wrote: > ... > > This is all quite well covered by the IPv6 recommendation document - > https://datatracker.ietf.org/doc/html/rfc1752 > > (a document which probably should be required reading for those >

Re: Making Use of 240/4 NetBlock Re: 202203151549.AYC

John Levine wrote: It appears that Abraham Y. Chen said: C.Recently, we were made aware of the Int-Area activities. Attempts to reach the Group Chairs have not received any responses. D.I just received an Int-Area Digest Vol 199, Issue 14 requesting IETF to reactivate the

Re: Making Use of 240/4 NetBlock Re: 202203151549.AYC

> Is this is how the IETF ivory tower residents likes to try and > suppress debate the ietf is an echo chamber; and if you are not in it, you do not count. https://archive.psg.com/051000.sigcomm-ivtf.pdf randy