[[ My apologies to thos eof you who may see this twice. I have posted the message below also to the RIPE Anti-Abuse Working Group mailing list, so any of you who are on that list also will see this twice. But I believe that it is relevant here also. ]]
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Perhaps some folks here might be interested to read these two reports, the first of which is a fresh news report published just a couple of days ago, and the other one is a far more detailed investigative report that was completed some time ago now. https://www.buzzfeednews.com/article/kenbensinger/dossier-gubarev-russian-hackers-dnc https://www.documentcloud.org/documents/5770258-Fti.html Please share these links widely. The detailed technical report makes it quite abundantly clear that Webzilla, and all of its various tentacles... many of which even I didn't know about until seeing this report... most probably qualifies as, and has qualified as a "bullet proof hosting" operation for some considerable time now. As the report notes, the company has received over 400,000 complaints or reports of bad behavior, and it is not clear to me, from reading the report, if anyone at the company even bothered to read any more than a small handful of those. I have two comments about this. First, I am inclined to wonder aloud why anyone is even still peering with any of the several ASNs mentioned in the report. To me, the mere fact that any of these ASNs still have connectivity represents a clear and self-evident failure of "self policing" in and among the networks that comprise the Internet. Second, its has already been a well know fact, both to me and to many others, for some years now, that Webzilla is by no means alone in the category commonly refered to as "bullet proof hosters". This fact itself raises some obvious questions. It is clear and apparent, not only from the report linked to above, but from the continuous and years-long existance of -many- "bullet proof hosters" on the Internet that there is no shortage of a market for the services of such hosting companies. The demand for "bullet proof" services is clearly there, and it is not likely to go away any time soon. In addition to the criminal element, there are also various mischevious governments, or their agents, that will always be more than happy to pay premium prices for no-questions-asked connectivity. So the question naturally arises: Other than de-peering by other networks, are there any other steps that can be taken to disincentivize networks from participating in this "bullet proof" market and/or to incentivize them to give a damn about their received network abuse complaints? I have no answers for this question myself, but I felt that it was about time that someone at least posed the question. The industry generally, and especially in the RIPE region, has a clear and evident problem that traditional "self policing" is not solving. Worse yet, it is not even discussed much, and that is allowing it to fester and worsen, over time. It would be Good if there was some actual leadership on this issue, at least from -some- quarter. So far I have not noticed any such worth mentioning. And even looking out towards the future horizon, I don't see any arriving any time soon. Regards, rfg
