Re: verizon fios bounced a legit private email of mine telling me it was spam and they would not allow it

2016-01-14 Thread Dan Hollis
This is what's going on at verizon. http://www.spamhaus.org/news/article/726/ -Dan On Wed, 13 Jan 2016, Gordon Cook wrote: dear Nanog Sorry to bother you, I am sitting here in shock, I have been a Verizon to FiOS customer for about the past six years at least I think maybe eight.

Re: de-peering for security sake

2016-01-17 Thread Dan Hollis
On Sun, 17 Jan 2016, Doug Barton wrote: On 1/17/2016 12:44 PM, b...@theworld.com wrote: We need an effective forum with effective participation perhaps eventually leading to signed contractual obligations agreed to by all parties. Not gonna help. The same people who have no incentive to do the

Re: de-peering for security sake

2016-01-17 Thread Dan Hollis
On Sun, 17 Jan 2016, b...@theworld.com wrote: Sure, you have your hands on BGP etc, so what router commands (hammer) can effect international policy (nail)? This is fundamentally a social and political issue and needs to be dealt with on that level, not with changes in router configs. bgp

Re: verizon fios bounced a legit private email of mine telling me it was spam and they would not allow it

2016-01-14 Thread Dan Hollis
complacency. it's a winning formula. -Dan On Thu, 14 Jan 2016, Christopher Morrow wrote: '4 MILLION IP ADDRESSES!!!' On Wed, Jan 13, 2016 at 4:55 PM, Dan Hollis <goe...@sasami.anime.net> wrote: This is what's going on at verizon. http://www.spamhaus.org/news/article/726/ -Dan On W

Re: EVERYTHING about Booters (and CloudFlare)

2016-07-27 Thread Dan Hollis
On Wed, 27 Jul 2016, b...@theworld.com wrote: There isn't even general agreement on whether (or what!) Cloudfare is doing is a problem. aiding and abetting. at the very least willful negligence. -Dan

Re: Should abuse mailboxes have quotas?

2016-10-27 Thread Dan Hollis
On Thu, 27 Oct 2016, Steve Atkins wrote: If mail to abuse@ doesn't bounce, give them the benefit of the doubt until statistics say otherwise. I give them a couple weeks/months. The vast majority of them ignore, and allow the abuse to continue. It's amazing how quickly they respond when they

Re: Should abuse mailboxes have quotas?

2016-10-27 Thread Dan Hollis
On Thu, 27 Oct 2016, Christopher Morrow wrote: On Thu, Oct 27, 2016 at 11:03 AM, Stephen Satchell wrote: I'm tired of blatantly uncaring administrations. it's also totally possible that in some cases the mailbox for abuse@ got moved behind some orgs other mail systems...

Re: Should abuse mailboxes have quotas?

2016-10-27 Thread Dan Hollis
On Thu, 27 Oct 2016, Jimmy Hess wrote: On Thu, Oct 27, 2016 at 1:35 PM, Dan Hollis <goe...@sasami.anime.net> wrote: not so much malice as gross incompetence. running spamfilters on your abuse@ mailbox, really? that is, for those which actually have an abuse mailbox that doesn't bounce ou

Re: EFF Call for sign-ons: ISPs, networking companies and engineers opposed to FCC privacy repeal

2017-03-29 Thread Dan Hollis
Why aren't _ALL_ consumer privacy regulations managed by the FTC? Why is the FCC needed here? -Dan On Wed, 29 Mar 2017, Mark Radabaugh wrote: On Mar 29, 2017, at 9:59 AM, Joe Loiacono wrote: Lowering barriers to entry is where the next political focus should be. Joe

competent earthlink abuse contact please

2017-04-06 Thread Dan Hollis
A competent earthlink abuse contact please? I am getting the runaround from people who are unable to read headers. -Dan

Re: Contact at Orange?

2017-08-03 Thread Dan Hollis
On Thu, 3 Aug 2017, Benoit Panizzon wrote: Apparently this was not their problem. As long as the money's green? -Dan

Re: For the Wireless Guys

2017-08-14 Thread Dan Hollis
Good for a few meters at best? Terahertz is blocked by air. -Dan On Mon, 14 Aug 2017, Rod Beck wrote: https://phys.org/news/2017-08-transmission-terahertz-multiplexer.html Roderick Beck Director of Global Sales United Cable Company DRG Undersea Consulting Affiliate Member

Re: Vendors spamming NANOG attendees

2017-06-20 Thread Dan Hollis
On Tue, 20 Jun 2017, Rod Beck wrote: And how do you tell if an address was scraped or not? There are databases and zillions of other ways of gaining addresses. One-off addresses. I've used it numerous times to catch the origin, companies like Roland Corporation either leaking databases or

Re: Vendors spamming NANOG attendees

2017-06-13 Thread Dan Hollis
On Tue, 13 Jun 2017, Mike Hammett wrote: I think it would too subject to wild variance in what someone views as bad. Actual SPAM (viagra, Nigerian prices, etc.), of course. Industry-related SPAM, probably. Targeted marketing (looking for someone at Facebook, seeing someone from Facebook and

Re: Vendors spamming NANOG attendees

2017-06-14 Thread Dan Hollis
On Wed, 14 Jun 2017, b...@theworld.com wrote: Merely deciding not to patronize them may not be sufficient and that's why we make that sort of thing just outright illegal rather than hope market forces will suffice. Most spam is sent from compromised machines anyway, so there are already

Re: Vendors spamming NANOG attendees

2017-06-13 Thread Dan Hollis
It's funny to see all this apologia for nanog spammers and attempts to normalize the practice and brush it off as acceptable or unavoidable, especially after the "omg evil politicans voted to rollback fcc privacy rules and let companies sell your data" derpy derp thread. You can't have it

Re: Whois vs GDPR, latest news

2018-05-23 Thread Dan Hollis
On Tue, 22 May 2018, Jimmy Hess wrote: Perhaps it's time that some would consider new RBLs and Blackhole feeds based on : Domains with deliberately unavailable WHOIS data. How about the ones with broken contact data - deliberately or not? A whois blacklist sounds good to me. DNS WBL?

Re: Whois vs GDPR, latest news

2018-05-23 Thread Dan Hollis
On Wed, 23 May 2018, Owen DeLong wrote: On May 23, 2018, at 08:53, John Levine wrote: If they try to sue in, say, US courts, the US court will ask them to explain why a US court should try a suit under foreign law. There is a very short list of reasons to do that, and this

ICANN GDPR lawsuit

2018-05-30 Thread Dan Hollis
http://www.circleid.com/posts/20180527_icann_files_legal_action_against_domain_registrar_whois_data/ -Dan

Re: Whois vs GDPR, latest news

2018-05-26 Thread Dan Hollis
On Sat, 26 May 2018, Royce Williams wrote: Naively ... to counter potential panic, it would be awesome to crowdsource some kind of CC-licensed GDPR toolkit for small orgs. Something like a boilerplate privacy policy (perhaps generated by answers to questions), plus some simplified checklists,

Re: Whois vs GDPR, latest news

2018-05-26 Thread Dan Hollis
On Sat, 26 May 2018, Seth Mattinen wrote: On 5/24/18 4:21 PM, Anne P. Mitchell Esq. wrote: Actually, GDPR specifically requires processors to include statements of compliance right in their contracts; we also strongly recommend that controllers insist on indemnification clauses in their

Re: ICANN GDPR lawsuit

2018-05-31 Thread Dan Hollis
On Thu, 31 May 2018, b...@theworld.com wrote: FWIW a German court has just ruled against ICANN's injunction and in favor of Tucows/EPAG. https://www.icann.org/news/announcement-4-2018-05-30-en Welcome to contact-free whois? -Dan

Re: ICANN GDPR lawsuit

2018-06-04 Thread Dan Hollis
On Mon, 4 Jun 2018, Rubens Kuhl wrote: On Fri, Jun 1, 2018 at 1:56 AM, Hank Nussbacher wrote: Usually, identifying attackers at other online services is a duty on RIR directories, and even the RIPE one is not suffering that many changes due to GDPR. Also, GDPR doesn't prevent law enforcement

Re: AS3266: BitCanal hijack factory, courtesy of Cogent, GTT, and Level3

2018-06-27 Thread Dan Hollis
On Tue, 26 Jun 2018, Suresh Ramasubramanian wrote: "we are not the internet police" right? ( Indeed. Aid and abet would be a more accurate description. -Dan

Re: Attacks from poneytelecom.eu

2018-01-04 Thread Dan Hollis
On Thu, 4 Jan 2018, valdis.kletni...@vt.edu wrote: On Thu, 04 Jan 2018 09:33:51 -0500, William Herrin said: Why anyone thinks it's acceptable for the form submission to vanish in to the faceless support queue is more of a quandary. The form submission should provide a case number, the

Re: Attacks from poneytelecom.eu

2018-01-04 Thread Dan Hollis
On Thu, 4 Jan 2018, William Herrin wrote: On Thu, Jan 4, 2018 at 11:48 AM, Michael Crapse wrote: I've never dealt with a support queue that resolved the issue faster than a direct contact. I've never dealt with a support queue that's more competent than the last direct

Re: Attacks from poneytelecom.eu

2018-01-03 Thread Dan Hollis
On Wed, 3 Jan 2018, Dovid Bender wrote: On Wed, Jan 3, 2018 at 2:47 AM, Mickael Marchand wrote: Hi Dovid, Just fill in our abuse form at https://abuse. online.net I have no idea why anyone thinks it is acceptable to require victims to fill

looking for collaborating data for phishing email

2018-07-23 Thread Dan Hollis
Anyone who recently received the following phishing email, please drop me an email. I'm looking for collaborating data on an email database breach. Date: Wed, 18 Jul 2018 06:36:19 -0400 Return-Path: Received: from amp3.nuskin.com (amp3.nuskin.net [170.89.24.19] (may be forged)) From: American

unwise filtering policy on abuse mailboxes

2018-07-24 Thread Dan Hollis
can we please just stop this nonsense? ip under your direct control originates sewage. you should accept reports as-is. requiring victims of your sewage to go through special contortions to report it to you is not acceptable. - The following addresses had permanent fatal errors -

Re: unwise filtering policy on abuse mailboxes

2018-07-24 Thread Dan Hollis
24, 2018 at 04:19:22PM -0700, Dan Hollis wrote: can we please just stop this nonsense? ip under your direct control originates sewage. you should accept reports as-is. requiring victims of your sewage to go through special contortions to report it to you is not acceptable. - The following

Re: New Active Exploit: memcached on port 11211 UDP & TCP being exploited for reflection attacks

2018-02-27 Thread Dan Hollis
OVH does not suprise me in the least. Maybe this is finally what it will take to get people to de-peer them. -Dan On Tue, 27 Feb 2018, Ca By wrote: Please do take a look at the cloudflare blog specifically as they name and shame OVH and Digital Ocean for being the primary sources of mega

Re: Re: New Active Exploit: memcached on port 11211 UDP & TCP being exploited for reflection attacks

2018-02-27 Thread Dan Hollis
On Wed, 28 Feb 2018, Filip Hruska wrote: What exactly should they do, according to you? read and act on abuse reports. Why should people de-peer them? because they ignore abuse reports. -Dan

Re: Oracle abuse contact

2018-11-12 Thread Dan Hollis
Contact some DNSBLs? Sometimes it takes 550 responses to all their smtp connections for them to wake up from their slumber. -Dan On Fri, 9 Nov 2018, David Shaw wrote: Hi, I could really use some help reaching someone at Oracle for a spam problem coming from 129.145.16.122. I've sent

attempted archive.is hijacking

2019-01-05 Thread Dan Hollis
https://twitter.com/archiveis/status/1081276424781287427 Wonder what tactic the hijackers are using, and if it would work with any registrar - or if there is something specific about isnic that allows it to happen. -Dan

Re: Extending network over a dry pair

2018-12-12 Thread Dan Hollis
On Wed, 12 Dec 2018, Nick Bogle wrote: A quick question for you guys; If you had a single dry pair (pair of copper wires originally for phones) to a remote site that was around 6 miles away, what would you use? We currently are just extending a T1 line to this site, but 1.5Mbps isn't cutting it

Re: Extending network over a dry pair

2018-12-12 Thread Dan Hollis
uck. Tim On 12/12/18 5:00 PM, Dan Hollis wrote: On Wed, 12 Dec 2018, Nick Bogle wrote: A quick question for you guys; If you had a single dry pair (pair of copper wires originally for phones) to a remote site that was around 6 miles away, what would you use? We currently are just extending a

Re: Extending network over a dry pair

2018-12-13 Thread Dan Hollis
headend maybe adds a mile or less, it's on the route and about half way through. I made it 6 miles to be safe. We currently can pull a full 1.5Mbps off of that T1 we run there so perhaps CenturyLink is repeating at their CO and/or along the route? On Wed, Dec 12, 2018 at 6:32 PM Dan Hollis wrote

PSA: change your fedex.com account logins

2019-05-30 Thread Dan Hollis
I received a credit card scam addressed to my one-off unique address registered to fedex.com. So it seems fedex.com user database has been compromised. Change your logins asap. -Dan

Re: PSA: change your fedex.com account logins

2019-05-30 Thread Dan Hollis
where are you entered the login information for your Fed ex account. On May 30, 2019, at 4:12 PM, Dan Hollis wrote: I received a credit card scam addressed to my one-off unique address registered to fedex.com. So it seems fedex.com user database has been compromised. Change your logins asap

Re: PSA: change your fedex.com account logins

2019-05-31 Thread Dan Hollis
of work. Targeted attacks are a thing. On Fri, May 31, 2019 at 2:53 AM Mike Hale wrote: Oh for fucks sake. Really? You two are questioning someone who subscribes to Nanog over Fedex? You really think it's more likely that someone is targeting Dan Hollis (whoever he is) instead of Fedex leaving

Re: 29 May 2019: Emotet malspam: 'Mykolab Ref Id: I32560' [Was: Re: Spamming of NANOG list members]

2019-05-29 Thread Dan Hollis
On Wed, 29 May 2019, Paul Ferguson wrote: AS | IP | AS Name 14061 | 68.183.65[.]234| DIGITALOCEAN-ASN - DigitalOcean, LLC, US (shared hosting) 16276 | 158.69.127[.]22| OVH, FR (shared hosting) 51167 | 173.249.2[.]31 | CONTABO, DE (shared hosting) 46475 |

Re: Russian Anal Probing + Malware

2019-06-23 Thread Dan Hollis
On Sun, 23 Jun 2019, Randy Bush wrote: It's just a port/vulnerability scanner, I really don't see anything special about this particular case. they are pushing exploits. trying to RCE, wget a binary, chmod 777 on routers and rm -rf files. this goes way beyond scanner and into criminal trespass

Re: Russian Anal Probing + Malware

2019-06-23 Thread Dan Hollis
On Sat, 22 Jun 2019, Filip Hruska wrote: It's just a port/vulnerability scanner, I really don't see anything special about this particular case. they are pushing exploits. trying to RCE, wget a binary, chmod 777 on routers and rm -rf files. this goes way beyond scanner and into criminal

Re: SHAKEN/STIR Robocall Summit - July 11 2019 at FCC

2019-07-16 Thread Dan Hollis
On Tue, 16 Jul 2019, Michael Thomas wrote: But right you are, it's ultimately the carrier who needs to care about this problem at or nothing gets better. either the carrier starts dealing with it or legislation will come down to force the issue. -Dan

really amazon?

2019-07-29 Thread Dan Hollis
Amazon, you really should know better. Source ip: 54.240.4.4 https://search.arin.net/rdap/?query=54.240.4.4 Source Registry ARIN Kind Group Full Name Amazon SES Abuse Handle ASA152-ARIN Email email-ab...@amazon.com RCPT To: <<< 550 #5.1.0 Address rejected. 550 5.1.1 ... User unknown DATA

Re: really amazon?

2019-07-29 Thread Dan Hollis
t the deal is than “Really, amazon?” -mel On Jul 29, 2019, at 4:03 PM, Dan Hollis wrote: Amazon, you really should know better. Source ip: 54.240.4.4 https://search.arin.net/rdap/?query=54.240.4.4 Source Registry ARIN Kind Group Full Name Amazon SES Abuse Handle ASA152-ARIN Email email-ab...@

Re: User Unknown (WAS: really amazon?)

2019-08-15 Thread Dan Hollis
On Mon, 12 Aug 2019, Bruce H McIntosh wrote: On 8/12/19 3:26 PM, Rich Kulawiec wrote: Half my grump with Amazon here is that they have, for all practical purposes, unlimited money and unlimited personnel. They should be the go-to example for How To Do It Right. They should be the model (or

Re: What can ISPs do better? Removing racism out of internet

2019-08-06 Thread Dan Hollis
On Tue, 6 Aug 2019, Rob McEwen wrote: I'm so tired of this thread - but the bottom line is that censorship and even the definition of "hate" and "racism" (especially when used in the vernacular!) are extremely subjective and can lead to situations where reasonable people disagree. And if/when

RE: New Alaskan Network

2019-10-25 Thread Dan Hollis
The verge is garbage. That is all. -Dan On Fri, 25 Oct 2019, Keith Medcalf wrote: Bwahahahaha! It is internally inconsistent. Perhaps this is just shoddy reporting, or perhaps the whole thing is just someone's idea of a wet dream. "The line will begin in North Pole, Alaska and will travel

RE: FCC proposes $10 Million fine for spoofed robocalls

2019-12-19 Thread Dan Hollis
Fact is the telcos make lots of money off spoofed robocalls so they have zero incentive to stop the practice. -Dan On Thu, 19 Dec 2019, Keith Medcalf wrote: "CallerID" is a misnomer. It is actually the "Advertized ID". However, the telco's realized you would not pay to receive

Re: FCC proposes $10 Million fine for spoofed robocalls

2019-12-20 Thread Dan Hollis
On Fri, 20 Dec 2019, Mike Hammett wrote: So send them all to Lenny? I wish there was a phone app to do this. -Dan

Re: FCC proposes $10 Million fine for spoofed robocalls

2019-12-20 Thread Dan Hollis
On Thu, 19 Dec 2019, Paul Timmins wrote: The people handling these calls know exactly who their customers are, yep and they'd remove them in hours if a legal mandate came down to provide passthrough penalties for providing service to these people. the only penalties that would motivate

Re: AFRINIC: The Saga Continues

2020-01-30 Thread Dan Hollis
On Wed, 29 Jan 2020, Ronald F. Guilmette wrote: In all cases noted below, the networks in question are unambiguously routing IP blocks that were obtained, in the first instance, via thefts perpetrated by one or more AFRINIC insiders and then resold on the black market in secretive deals. What

Re: power to the internet

2019-12-28 Thread Dan Hollis
Nothing. It is extremely cheap, extremely durable, and nearly 100% recyclable. All the things lithium is not. The only thing is lead acid is not power dense, but that is not generally a problem at sites. -Dan On Sat, 28 Dec 2019, Baldur Norddahl wrote: What is wrong with lead acid

ICANN extracts $20m signing fee for $1bn dot-com price increases and guess who's going to pay for it?

2020-01-07 Thread Dan Hollis
https://www.theregister.co.uk/2020/01/07/icann_verisign_fees/ 98% of the comments were opposed. How many / which companies would have to get onboard in order to get enough support for an icann alternative? Is such a thing even feasible? -Dan

Re: Constant Abuse Reports / Borderline Spamming from RiskIQ

2020-04-13 Thread Dan Hollis
On Mon, 13 Apr 2020, Kushal R. wrote: As far as that tweet is concerned, it???s pending for 16 days because they have been blocked from sending us any emails due to the sheer amount of emails they started sending and then our live support chats. This is not an acceptable answer. -Dan

Re: FCC and FTC Demand Cut-Off Robercallers of Coronavirus Scams

2020-04-04 Thread Dan Hollis
Sadly I've discovered that >95% of scammers have caught on to lenny by now, and hang up within the first few seconds of hearing him. I guess they've been thoroughly lenny'd already so he's no longer effective. -Dan On Fri, 3 Apr 2020, JASON BOTHE via NANOG wrote: I just need my phone to

Re: Abuse Desks

2020-04-28 Thread Dan Hollis
On Tue, 28 Apr 2020, Matt Corallo via NANOG wrote: Please don't use this kind of crap to send automated "we received 3 login attempts on our SSH box..wa" emails. This is why folks don't have abuse contacts that are responsive to real issues anymore. Thats what SBL is for. -Dan

Re: Phishing and telemarketing telephone calls

2020-04-26 Thread Dan Hollis
On Sun, 26 Apr 2020, Michael Thomas wrote: On 4/25/20 10:23 AM, Anne P. Mitchell, Esq. wrote: So, harass those phone spammers for fun *and* profit! ;-) Here's the write-up I did, feel free to ask me any questions you may have. :-) What exactly is this "basic internet research"? I thought the

Re: Abuse Desks

2020-04-29 Thread Dan Hollis
On Tue, 28 Apr 2020, Matt Corallo wrote: Sadly dumb kids are plentiful. If you have to nag an abuse desk every time they sell a server to a kid who’s experimenting with nmap for the first time then we’ll end up exactly where we are - abuse contacts are not a reliable way to get in touch

Re: A letter from the CEO

2020-11-20 Thread Dan Hollis
On Fri, 20 Nov 2020, Grant Taylor via NANOG wrote: On 11/20/20 4:41 PM, Matt Erculiani wrote: Ben is fairly regular on this list and I can't imagine she did this on purpose. How does one /accidentally/ harvest email addresses and /accidentally/ add them to a Mailchimp list and /accidentally/

Re: Parler

2021-01-10 Thread Dan Hollis
On Sun, 10 Jan 2021, Michael Thomas wrote: On 1/10/21 3:15 PM, Izaac wrote: On Sun, Jan 10, 2021 at 12:01:46PM -0800, Michael Thomas wrote: Considering that it seems that there continues to be talk/planning of armed insurrection, I think we can forgive them for violating professional

Re: Parler

2021-01-10 Thread Dan Hollis
On Mon, 11 Jan 2021, h...@interall.co.il wrote: I would assume Google and Azure would act the same to Parler. So what will end up happening is that US based fringe content will end up being hosted in China or Russia, and Chinese and Russian fringe content will end up being hosted in the USA.

Re: FCC fines for unauthorized carrier changes and consumer billing

2021-04-23 Thread Dan Hollis
On Fri, 23 Apr 2021, Eric Kuhnke wrote: Did the FCC ever collect its $50 million from "Sandwich Isles Telecommunications" for blatant fraud? At this scale I wonder how or why certain people are not in federal prison. FCC is not law enforcement. The FTC can send people to prison. The FCC can

Re: Malicious SS7 activity and why SMS should never by used for 2FA

2021-04-17 Thread Dan Hollis
paypal used to openly support token 2fa, but have since made it nearly impossible to use hardware tokens. they try very hard to ram sms down everyones throats. -Dan On Sun, 18 Apr 2021, Mel Beckman wrote: No, every SMS 2FA should be prohibited by regulatory certifications. The telcos had