Re: FYI - Suspension of Cogent access to ARIN Whois

[Heather Schiller via NANOG]

On Tue, Jan 7, 2020 at 8:50 AM John Curran  wrote:

> On 7 Jan 2020, at 5:01 AM, Martijn Schmidt via NANOG 
> wrote:
> >
> > Out of curiosity, since we aren't affected by this ourselves, I know of
> cases where Cogent has sub-allocated IP space to its customers but which
> those customers originate from their own ASN and then announce to multiple
> upstream providers.
> >
> > So while the IP space is registered to Cogent and allocated to its
> customer, the AS-path might be something like ^174_456$ but it's entirely
> possible that ARIN would observe it as ^123_456$ instead. Are such IP
> address blocks affected by the suspension?
>
> As noted earlier, ARIN has suspended service for all Cogent-registered IP
> address blocks - this is being done as a discrete IP block access list
> applied to relevant ARIN Whois services, so the routing of the blocks are
> immaterial - a customer using a suballocation of Cogent space could be
> affected but customers with their own IP blocks blocks that are simply
> being routed by Cogent are not affected.
>
>
"suspended service for all Cogent-registered IP address blocks" may be
causing a bit of confusion since ARIN offers many services.

>From your response, it sounds like it's just an ACL to filter inbound p43
traffic to ARIN's whois service, from Cogent allocated prefixes.  ARIN is
in the best position to tell who is directly scraping their db and whether
this is an effective counter measure.

Recent changes would show up easiest in bulk whois data.  It's not clear
from your message whether they had a bulk whois agreement in place and the
status of that type of access.  If so, revoking the API key would be a
better restriction mechanism than filtering prefixes from reaching
accountws.arin.net

I haven't look at where ARIN's TAL data is hosted, again depending on
how/where it's hosted and how a filter is implemented, it may or may not
impact access to the data.

deny $TOU_Violator any port 43
deny $TOU_Violator  accountws.arin.net
deny $TOU_Violator any

These all have varying levels of impact.  On the one hand I can understand
not wanting to disclose the specific action taken, on the other hand it
would be interesting to know what the scope of responses are for different
types of abuse.




> FYI,
> /John
>
> John Curran
> President and CEO
> American Registry for Internet Numbers
>
>
>
>

Re: FYI - Suspension of Cogent access to ARIN Whois

[Ross Tajvar]

Make sure they send evidence to complia...@arin.net so Cogent doesn't keep
getting away with it.

On Mon, Jan 27, 2020, 2:21 PM Darin Steffl  wrote:

> Cogent is still violating this whois suspension.
>
> A couple wisp's I know were contacted by cogent in the last week after
> receiving their ASN.
>
> On Mon, Jan 27, 2020, 12:57 PM Justin Wilson  wrote:
>
>> This shall be my answer from now on.
>>
>> > On Jan 27, 2020, at 1:22 PM, Dovid Bender  wrote:
>> >
>> > I find it interesting that they say their clients didn't see it as an
>> issue. Whenever they called and asked if I want transit my answer always
>> was when they had v6 peering to He and Gooogle we could talk.
>> >
>>
>>

Re: FYI - Suspension of Cogent access to ARIN Whois

[Darin Steffl]

Cogent is still violating this whois suspension.

A couple wisp's I know were contacted by cogent in the last week after
receiving their ASN.

On Mon, Jan 27, 2020, 12:57 PM Justin Wilson  wrote:

> This shall be my answer from now on.
>
> > On Jan 27, 2020, at 1:22 PM, Dovid Bender  wrote:
> >
> > I find it interesting that they say their clients didn't see it as an
> issue. Whenever they called and asked if I want transit my answer always
> was when they had v6 peering to He and Gooogle we could talk.
> >
>
>

Re: FYI - Suspension of Cogent access to ARIN Whois

[Justin Wilson]

This shall be my answer from now on.

> On Jan 27, 2020, at 1:22 PM, Dovid Bender  wrote:
> 
> I find it interesting that they say their clients didn't see it as an issue. 
> Whenever they called and asked if I want transit my answer always was when 
> they had v6 peering to He and Gooogle we could talk.
> 

Re: FYI - Suspension of Cogent access to ARIN Whois

[Dovid Bender]

I find it interesting that they say their clients didn't see it as an
issue. Whenever they called and asked if I want transit my answer always
was when they had v6 peering to He and Gooogle we could talk.


On Mon, Jan 27, 2020 at 12:56 PM Owen DeLong  wrote:

> I now longer have a dog in this fight, but “The” peering cake was my
> project (such as it was)...
>
> Cogent has, to the best of my knowledge, always had rather large voids in
> their IPv6 connectivity. To the best of my knowledge, HE and Google are the
> most significant of these voids, but I believe there are others as well.
>
> Some quotes I received from Cogent representatives over the years (some
> may be slightly paraphrased):
>
> “Hurricane is too small to peer IPv6 with us… They should just buy
> transit from us.”
> “Why should we peer with HE? Our customers aren’t reporting it as
> a problem.”
> “Congested links allow us to pass the savings on to our customers.”
> “We see from ARIN whois that you recently registered an ASN. Want
> to buy transit from us?” (many times over several years)
> (This particular violation of the ARIN Whois AUP/TOS
> eventually resulted in Cogent being suspended from using the service)
>
> Owen
>
>
> > On Jan 26, 2020, at 22:41 , Large Hadron Collider <
> large.hadron.colli...@gmx.com> wrote:
> >
> > Peering cake? Carbohydrates always entice me to peer... :-)
> >
> > On Wed, 8 Jan 2020 10:16:12 -0600
> > "Aaron Gould"  wrote:
> >
> >> I’m pretty sure cogent has had issues providing full internet
> connectivity via ipv6 to google and perhaps he (hurricane electric),
> perhaps others as well, for quite some time now.
> >>
> >>
> >>
> >> -Aaron
> >>
> >>
> >>
> >> From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of James Breeden
> >> Sent: Tuesday, January 7, 2020 7:04 PM
> >> To: Rich Kulawiec; North American Network Operators' Group
> >> Subject: RE: FYI - Suspension of Cogent access to ARIN Whois
> >>
> >>
> >>
> >> Hmm. Wonder if this can be used to cancel some cogent services... I
> mean, they technically aren't providing access to the full internet now.
> 路‍♂️樂
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >> Sent via the Samsung Galaxy Note9, an AT 5G Evolution capable
> smartphone
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>  Original message 
> >>
> >> From: Rich Kulawiec 
> >>
> >> Date: 1/7/20 7:02 PM (GMT-06:00)
> >>
> >> To: North American Network Operators' Group 
> >>
> >> Subject: Re: FYI - Suspension of Cogent access to ARIN Whois
> >>
> >>
> >>
> >> On Tue, Jan 07, 2020 at 04:54:22PM -0600, Mike Hammett wrote:
> >>> That said, if there's a stern warning about Cogent abusing the system,
> >>> maybe their customers finding out is a good thing for the overall
> >>> community. ;-)
> >>
> >> And that is what I would suggest: reply to all queries with a notice
> >> that explains what is happening, why it's happening, and provides
> >> contact information for Cogent executives: preferably their *personal*
> >> email addresses and phone numbers.
> >>
> >> ---rsk
> >>
> >
> >
> > --
> > Large Hadron Collider 
>
>

Re: FYI - Suspension of Cogent access to ARIN Whois

[Owen DeLong]

I now longer have a dog in this fight, but “The” peering cake was my project 
(such as it was)...

Cogent has, to the best of my knowledge, always had rather large voids in their 
IPv6 connectivity. To the best of my knowledge, HE and Google are the most 
significant of these voids, but I believe there are others as well.

Some quotes I received from Cogent representatives over the years (some may be 
slightly paraphrased):

“Hurricane is too small to peer IPv6 with us… They should just buy 
transit from us.”
“Why should we peer with HE? Our customers aren’t reporting it as a 
problem.”
“Congested links allow us to pass the savings on to our customers.”
“We see from ARIN whois that you recently registered an ASN. Want to 
buy transit from us?” (many times over several years)
(This particular violation of the ARIN Whois AUP/TOS eventually 
resulted in Cogent being suspended from using the service)

Owen


> On Jan 26, 2020, at 22:41 , Large Hadron Collider 
>  wrote:
> 
> Peering cake? Carbohydrates always entice me to peer... :-)
> 
> On Wed, 8 Jan 2020 10:16:12 -0600
> "Aaron Gould"  wrote:
> 
>> I’m pretty sure cogent has had issues providing full internet connectivity 
>> via ipv6 to google and perhaps he (hurricane electric), perhaps others as 
>> well, for quite some time now.
>> 
>> 
>> 
>> -Aaron
>> 
>> 
>> 
>> From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of James Breeden
>> Sent: Tuesday, January 7, 2020 7:04 PM
>> To: Rich Kulawiec; North American Network Operators' Group
>> Subject: RE: FYI - Suspension of Cogent access to ARIN Whois
>> 
>> 
>> 
>> Hmm. Wonder if this can be used to cancel some cogent services... I mean, 
>> they technically aren't providing access to the full internet now. 路‍♂️樂
>> 
>> 
>> 
>> 
>> 
>> 
>> 
>> Sent via the Samsung Galaxy Note9, an AT 5G Evolution capable smartphone
>> 
>> 
>> 
>> 
>> 
>> 
>> 
>>  Original message 
>> 
>> From: Rich Kulawiec 
>> 
>> Date: 1/7/20 7:02 PM (GMT-06:00)
>> 
>> To: North American Network Operators' Group 
>> 
>> Subject: Re: FYI - Suspension of Cogent access to ARIN Whois
>> 
>> 
>> 
>> On Tue, Jan 07, 2020 at 04:54:22PM -0600, Mike Hammett wrote:
>>> That said, if there's a stern warning about Cogent abusing the system,
>>> maybe their customers finding out is a good thing for the overall
>>> community. ;-)
>> 
>> And that is what I would suggest: reply to all queries with a notice
>> that explains what is happening, why it's happening, and provides
>> contact information for Cogent executives: preferably their *personal*
>> email addresses and phone numbers.
>> 
>> ---rsk
>> 
> 
> 
> --
> Large Hadron Collider 

Re: FYI - Suspension of Cogent access to ARIN Whois

[Large Hadron Collider]

Peering cake? Carbohydrates always entice me to peer... :-)

On Wed, 8 Jan 2020 10:16:12 -0600
"Aaron Gould"  wrote:

> I’m pretty sure cogent has had issues providing full internet connectivity 
> via ipv6 to google and perhaps he (hurricane electric), perhaps others as 
> well, for quite some time now.
>
>
>
> -Aaron
>
>
>
> From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of James Breeden
> Sent: Tuesday, January 7, 2020 7:04 PM
> To: Rich Kulawiec; North American Network Operators' Group
> Subject: RE: FYI - Suspension of Cogent access to ARIN Whois
>
>
>
> Hmm. Wonder if this can be used to cancel some cogent services... I mean, 
> they technically aren't providing access to the full internet now. 路‍♂️樂
>
>
>
>
>
>
>
> Sent via the Samsung Galaxy Note9, an AT 5G Evolution capable smartphone
>
>
>
>
>
>
>
>  Original message 
>
> From: Rich Kulawiec 
>
> Date: 1/7/20 7:02 PM (GMT-06:00)
>
> To: North American Network Operators' Group 
>
> Subject: Re: FYI - Suspension of Cogent access to ARIN Whois
>
>
>
> On Tue, Jan 07, 2020 at 04:54:22PM -0600, Mike Hammett wrote:
> > That said, if there's a stern warning about Cogent abusing the system,
> > maybe their customers finding out is a good thing for the overall
> > community. ;-)
>
> And that is what I would suggest: reply to all queries with a notice
> that explains what is happening, why it's happening, and provides
> contact information for Cogent executives: preferably their *personal*
> email addresses and phone numbers.
>
> ---rsk
>


--
Large Hadron Collider 

Re: FYI - Suspension of Cogent access to ARIN Whois

[Rubens Kuhl]

On Fri, Jan 10, 2020 at 12:17 PM Tom Hill  wrote:

> On 09/01/2020 17:09, Rubens Kuhl wrote:
> > But at least Cogent is not a security and/or anti-spam vendor (or is
> > it?). A security services company (iThreat) spammed all IANA gTLD
> > contacts this week, with the ever lasting excuse of "it's opt-out".
>
>
> Everlasting, unless you're operating under the purview of the GDPR (i.e.
> emailing long-distance[1]).
>
>
European gTLD operators also got spammed... which now gave me an idea on
how to push back on this specific spammer.


Rubens

Re: FYI - Suspension of Cogent access to ARIN Whois

[Tom Hill]

On 09/01/2020 17:09, Rubens Kuhl wrote:
> But at least Cogent is not a security and/or anti-spam vendor (or is
> it?). A security services company (iThreat) spammed all IANA gTLD
> contacts this week, with the ever lasting excuse of "it's opt-out". 


Everlasting, unless you're operating under the purview of the GDPR (i.e.
emailing long-distance[1]).


-- 
Tom

[1] http://bash.org/?142934

Re: FYI - Suspension of Cogent access to ARIN Whois

[Rubens Kuhl]

>
> Will Cogent stop pestering the community with illicitly harvested
> contact information? Will they switch to more nefarious tactics? Who
> knows... Everyone likes having money, after-all.
>
>
But at least Cogent is not a security and/or anti-spam vendor (or is it?).
A security services company (iThreat) spammed all IANA gTLD contacts this
week, with the ever lasting excuse of "it's opt-out".


Rubens

Re: FYI - Suspension of Cogent access to ARIN Whois

[Tom Hill]

On 08/01/2020 13:53, Joe Provo wrote:
>> This is a disproportionate response IMHO. $0.02
>>
>> YMMV,
>  
> And mine certainly does. Well over a decade of documented 
> misbehavior with requests for them to cease certainly makes
> this an appropriate response. I will always applaud an 
> organization enforcing its anti-abuse policies. 
> 
> Similarly, Cogent has been banned from peeringdb multiple 
> times for the exact same behavior.  Repeated warnings had
> no impact and without the bans, the behavior was not adjusted.


Quite.

The root cause isn't even the /fault/ of the individual sales personnel,
whom may or may not be inconvenienced by ARIN's actions. Their
management (and likely, *their* directors/VPs) need to see what their
sanctioned behaviour, and/or demands placed upon their employees in
those sales functions, does to the company's reputation in the industry,
and ultimately their bottom line.

ARIN has tried the carrot, and this is the stick. One of the thinnest
sticks that they could have used, I'd add.

Will Cogent stop pestering the community with illicitly harvested
contact information? Will they switch to more nefarious tactics? Who
knows... Everyone likes having money, after-all.

-- 
Tom

RE: FYI - Suspension of Cogent access to ARIN Whois

[Aaron Gould]

I’m pretty sure cogent has had issues providing full internet connectivity via 
ipv6 to google and perhaps he (hurricane electric), perhaps others as well, for 
quite some time now.

 

-Aaron

 

From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of James Breeden
Sent: Tuesday, January 7, 2020 7:04 PM
To: Rich Kulawiec; North American Network Operators' Group
Subject: RE: FYI - Suspension of Cogent access to ARIN Whois

 

Hmm. Wonder if this can be used to cancel some cogent services... I mean, they 
technically aren't providing access to the full internet now. 路‍♂️樂

 

 

 

Sent via the Samsung Galaxy Note9, an AT 5G Evolution capable smartphone

 

 

 

 Original message 

From: Rich Kulawiec  

Date: 1/7/20 7:02 PM (GMT-06:00) 

To: North American Network Operators' Group  

Subject: Re: FYI - Suspension of Cogent access to ARIN Whois 

 

On Tue, Jan 07, 2020 at 04:54:22PM -0600, Mike Hammett wrote:
> That said, if there's a stern warning about Cogent abusing the system,
> maybe their customers finding out is a good thing for the overall
> community. ;-)

And that is what I would suggest: reply to all queries with a notice
that explains what is happening, why it's happening, and provides
contact information for Cogent executives: preferably their *personal*
email addresses and phone numbers.

---rsk

Re: FYI - Suspension of Cogent access to ARIN Whois

[Joe Provo]

On Tue, Jan 07, 2020 at 05:45:39PM -0500, Martin Hannigan wrote:
> On Tue, Jan 7, 2020 at 08:51 John Curran  wrote:
> 
> > On 7 Jan 2020, at 5:01 AM, Martijn Schmidt via NANOG 
> > wrote:
> > >
> > > Out of curiosity, since we aren't affected by this ourselves, I know of
> > cases where Cogent has sub-allocated IP space to its customers but which
> > those customers originate from their own ASN and then announce to multiple
> > upstream providers.
> > >
> > > So while the IP space is registered to Cogent and allocated to its
> > customer, the AS-path might be something like ^174_456$ but it's entirely
> > possible that ARIN would observe it as ^123_456$ instead. Are such IP
> > address blocks affected by the suspension?
> >
> > As noted earlier, ARIN has suspended service for all Cogent-registered IP
> > address blocks - this is being done as a discrete IP block access list
> > applied to relevant ARIN Whois services, so the routing of the blocks are
> > immaterial - a customer using a suballocation of Cogent space could be
> > affected but customers with their own IP blocks blocks that are simply
> > being routed by Cogent are not affected.
> 
> 
> 
> This is a disproportionate response IMHO. $0.02
> 
> YMMV,
 
And mine certainly does. Well over a decade of documented 
misbehavior with requests for them to cease certainly makes
this an appropriate response. I will always applaud an 
organization enforcing its anti-abuse policies. 

Similarly, Cogent has been banned from peeringdb multiple 
times for the exact same behavior.  Repeated warnings had
no impact and without the bans, the behavior was not adjusted.

Cheers,

Joe

-- 
Posted from my personal account - see X-Disclaimer header.
Joe Provo / Gweep / Earthling 

Re: FYI - Suspension of Cogent access to ARIN Whois

[Mark Tinka]

On 8/Jan/20 00:59, Matthew Walster wrote:

>
> Same origin, RPKI ROA would be valid.

True. But if one of multiple origins was ROA'd, others that aren't would
be marked as Invalid.

Mark.

Re: FYI - Suspension of Cogent access to ARIN Whois

[Owen DeLong]

I will also say that ARIN does not appear to take suspension like this lightly 
at all… It has taken many years and I’m betting (at least) scores of complaints 
about this chronic behavior by Cogent prior to ARIN taking this action.

I know that I personally have filed a number of fully documented incidents 
myself as well as several less formal mentions of the behavior to ARIN staff 
over at least 5 (probably closer to 10) years.

Owen


> On Jan 6, 2020, at 22:16 , John Curran  wrote:
> 
> On 6 Jan 2020, at 11:43 PM, Stephen Wilcox  > wrote:
>> 
>> Out of interest, what does it take to have an ARIN contract or core ARIN 
>> services revoked? Is there such a threshold, does breach of contract ever 
>> result in consequential action?
>> 
>> This seems more like a talking point than an act with teeth to it…
> 
> Steve - 
> 
> This action is due to misuse of ARIN’s Whois services: specifically, 
> organizations that routinely misuse the Whois data risk losing access to the 
> information. 
> 
> As I noted elsewhere, it is possible for the suspension of access to Whois to 
> be technically circumvented, but ARIN still has to take abuse of the data 
> seriously because our customers make their contact data available 
> specifically for facilitating network operations, and this includes 
> terminating or suspending access to the Whois service for those who 
> chronically fail to comply with the terms of use, such as those who 
> repeatedly violate the prohibition on marketing & solicitation using ARIN 
> Whois data. 
> 
> It is also possible that such misuse of ARIN Whois is a violation of ARIN’s 
> registration services agreement (which provides for more significant recourse 
> such as resource revocation), but ARIN is simply suspending access to the 
> Whois service as that action directly corresponds to (and helps mitigate) the 
> specific terms of use violation. 
> 
> Thanks,
> /John
> 
> John Curran
> President and CEO
> American Registry for Internet Numbers
> 
>  

Re: FYI - Suspension of Cogent access to ARIN Whois

[Owen DeLong]

ARIN can’t do much about that… Have you contacted RIPE and/or APNIC and asked 
them to take appropriate action?

Owen


> On Jan 6, 2020, at 07:58 , David Guo via NANOG  wrote:
> 
> Good News! But we still received several spams from Cogent for our RIPE and 
> APNIC ASNs.
>  
> From: NANOG  On Behalf Of John Curran
> Sent: Monday, January 6, 2020 11:43 PM
> To: nanog@nanog.org
> Subject: FYI - Suspension of Cogent access to ARIN Whois 
> Importance: High
>  
> On 22 Sep 2019, at 8:52 AM, Tim Burke  <mailto:t...@tburke.us>> wrote:
>  
> That is just The Cogent Way™, unfortunately. I just had (yet another) Cogent 
> rep spam me using an email address that is _only_ used as an ARIN contact, 
> trying to sell me bandwidth. When I called him out on it, with 
> complia...@arin.net <mailto:complia...@arin.net> CCed, he backpedaled and 
> claimed to obtain my information from Google.  
>  
> ARIN has repeatedly informed Cogent that their use of the ARIN Whois for 
> solicitation is contrary to the terms of use and that they must stop.  
> Despite ARIN’s multiple written demands to Cogent to cease these prohibited 
> activities, ARIN has continued to receive complaints from registrants that 
> Cogent continues to engage in these prohibited solicitation activities.  
>  
> For this reason, ARIN has suspended Cogent Communications’ use of ARIN’s 
> Whois database effective today and continuing for a period of six months.  
> For additional details please refer 
> tohttps://www.arin.net/vault/about_us/corp_docs/20200106_whois_tos_violation.pdf
>  
> <https://www.arin.net/vault/about_us/corp_docs/20200106_whois_tos_violation.pdf>
> ARIN will restore Cogent’s access to the Whois database at an earlier 
> time if Cogent meets certain conditions, including instructing its sales 
> personnel not to engage in the prohibited solicitation activities. 
>  
> Given the otherwise general availability of ARIN Whois, it is quite possible 
> that Cogent personnel may evade the suspension via various means and continue 
> their solicitation.  If that does occur, please inform us (via 
> complia...@arin.net <mailto:complia...@arin.net>), as ARIN is prepared to 
> extend the suspension and/or bring appropriate legal action.
>  
> FYI,
> /John
>  
> John Curran
> President and CEO
> American Registry for Internet Numbers

Re: FYI - Suspension of Cogent access to ARIN Whois

[Jared Mauch]

I have to +1 this. I've been solicited many times by them myself and it's sad 
to see the information used that way. 

When I worked at another carrier I helped stop this as well with the sales 
people. They were creative, but it does at least violate the social norms of 
the industry at minimum and that was enough for me. 

I've been sad to see all the valuable contact methods disappear as the industry 
has grown over the past 25 years 

Sent from my iCar

> On Jan 7, 2020, at 5:49 PM, Matt Harris  wrote:
> 
> 
>> On Tue, Jan 7, 2020 at 4:46 PM Martin Hannigan  wrote:
> 
>> 
>> 
>>> On Tue, Jan 7, 2020 at 08:51 John Curran  wrote:
>>> On 7 Jan 2020, at 5:01 AM, Martijn Schmidt via NANOG  
>>> wrote:
>>> > 
>>> > Out of curiosity, since we aren't affected by this ourselves, I know of 
>>> > cases where Cogent has sub-allocated IP space to its customers but which 
>>> > those customers originate from their own ASN and then announce to 
>>> > multiple upstream providers.
>>> > 
>>> > So while the IP space is registered to Cogent and allocated to its 
>>> > customer, the AS-path might be something like ^174_456$ but it's entirely 
>>> > possible that ARIN would observe it as ^123_456$ instead. Are such IP 
>>> > address blocks affected by the suspension?
>>> 
>>> As noted earlier, ARIN has suspended service for all Cogent-registered IP 
>>> address blocks - this is being done as a discrete IP block access list 
>>> applied to relevant ARIN Whois services, so the routing of the blocks are 
>>> immaterial - a customer using a suballocation of Cogent space could be 
>>> affected but customers with their own IP blocks blocks that are simply 
>>> being routed by Cogent are not affected. 
>> 
>> 
>> 
>> 
>> This is a disproportionate response IMHO. $0.02
>> 
>> YMMV,
>> 
>> -M<
> 
> Seems entirely reasonable to me. You break the rules, you lose the privilege. 
> Works the same way with my 7 year old. 
> 

RE: FYI - Suspension of Cogent access to ARIN Whois

[James Breeden]

Hmm. Wonder if this can be used to cancel some cogent services... I mean, they 
technically aren't providing access to the full internet now. 路‍♂️樂



Sent via the Samsung Galaxy Note9, an AT 5G Evolution capable smartphone



 Original message 
From: Rich Kulawiec 
Date: 1/7/20 7:02 PM (GMT-06:00)
To: North American Network Operators' Group 
Subject: Re: FYI - Suspension of Cogent access to ARIN Whois

On Tue, Jan 07, 2020 at 04:54:22PM -0600, Mike Hammett wrote:
> That said, if there's a stern warning about Cogent abusing the system,
> maybe their customers finding out is a good thing for the overall
> community. ;-)

And that is what I would suggest: reply to all queries with a notice
that explains what is happening, why it's happening, and provides
contact information for Cogent executives: preferably their *personal*
email addresses and phone numbers.

---rsk

Re: FYI - Suspension of Cogent access to ARIN Whois

[Rich Kulawiec]

On Tue, Jan 07, 2020 at 04:54:22PM -0600, Mike Hammett wrote:
> That said, if there's a stern warning about Cogent abusing the system,
> maybe their customers finding out is a good thing for the overall
> community. ;-)

And that is what I would suggest: reply to all queries with a notice
that explains what is happening, why it's happening, and provides
contact information for Cogent executives: preferably their *personal*
email addresses and phone numbers.

---rsk

Re: FYI - Suspension of Cogent access to ARIN Whois

[Matthew Walster]

On Tue, 7 Jan 2020, 21:16 Mark Tinka,  wrote:

>
>
> On 7/Jan/20 12:01, Martijn Schmidt via NANOG wrote:
> > So while the IP space is registered to Cogent and allocated to its
> > customer, the AS-path might be something like ^174_456$ but it's
> > entirely possible that ARIN would observe it as ^123_456$ instead. Are
> > such IP address blocks affected by the suspension?
>
> Well, they would certainly be blocked by RPKI unless ROA's for those
> originations are created.
>

Same origin, RPKI ROA would be valid.

M

>

Re: FYI - Suspension of Cogent access to ARIN Whois

[Mike Hammett]

The part that has me uneasy about that action is that the chance that Cogent 
sales reps are using Cogent IPs is probably low. They're probably doing this 
work at home. They wouldn't be blocked at all. 




Also, the chance that there are people that wish to use ARIN Whois services 
that are not Cogent employees and yet come from Cogent IP space is quite high. 
They would be blocked and yet, didn't do anything. 


That said, if there's a stern warning about Cogent abusing the system, maybe 
their customers finding out is a good thing for the overall community. ;-) 




- 
Mike Hammett 
Intelligent Computing Solutions 
http://www.ics-il.com 

Midwest-IX 
http://www.midwest-ix.com 

- Original Message -

From: "Matt Harris"  
To: "Martin Hannigan"  
Cc: "John Curran" , "North American Network Operators' Group" 
 
Sent: Tuesday, January 7, 2020 4:48:58 PM 
Subject: Re: FYI - Suspension of Cogent access to ARIN Whois 



On Tue, Jan 7, 2020 at 4:46 PM Martin Hannigan < hanni...@gmail.com > wrote: 











On Tue, Jan 7, 2020 at 08:51 John Curran < jcur...@arin.net > wrote: 


On 7 Jan 2020, at 5:01 AM, Martijn Schmidt via NANOG < nanog@nanog.org > wrote: 
> 
> Out of curiosity, since we aren't affected by this ourselves, I know of cases 
> where Cogent has sub-allocated IP space to its customers but which those 
> customers originate from their own ASN and then announce to multiple upstream 
> providers. 
> 
> So while the IP space is registered to Cogent and allocated to its customer, 
> the AS-path might be something like ^174_456$ but it's entirely possible that 
> ARIN would observe it as ^123_456$ instead. Are such IP address blocks 
> affected by the suspension? 

As noted earlier, ARIN has suspended service for all Cogent-registered IP 
address blocks - this is being done as a discrete IP block access list applied 
to relevant ARIN Whois services, so the routing of the blocks are immaterial - 
a customer using a suballocation of Cogent space could be affected but 
customers with their own IP blocks blocks that are simply being routed by 
Cogent are not affected. 











This is a disproportionate response IMHO. $0.02 


YMMV, 


-M< 




Seems entirely reasonable to me. You break the rules, you lose the privilege. 
Works the same way with my 7 year old. 

Re: FYI - Suspension of Cogent access to ARIN Whois

[Matt Harris]

On Tue, Jan 7, 2020 at 4:46 PM Martin Hannigan  wrote:

>
>
> On Tue, Jan 7, 2020 at 08:51 John Curran  wrote:
>
>> On 7 Jan 2020, at 5:01 AM, Martijn Schmidt via NANOG 
>> wrote:
>> >
>> > Out of curiosity, since we aren't affected by this ourselves, I know of
>> cases where Cogent has sub-allocated IP space to its customers but which
>> those customers originate from their own ASN and then announce to multiple
>> upstream providers.
>> >
>> > So while the IP space is registered to Cogent and allocated to its
>> customer, the AS-path might be something like ^174_456$ but it's entirely
>> possible that ARIN would observe it as ^123_456$ instead. Are such IP
>> address blocks affected by the suspension?
>>
>> As noted earlier, ARIN has suspended service for all Cogent-registered IP
>> address blocks - this is being done as a discrete IP block access list
>> applied to relevant ARIN Whois services, so the routing of the blocks are
>> immaterial - a customer using a suballocation of Cogent space could be
>> affected but customers with their own IP blocks blocks that are simply
>> being routed by Cogent are not affected.
>
>
>
> This is a disproportionate response IMHO. $0.02
>
> YMMV,
>
> -M<
>

Seems entirely reasonable to me. You break the rules, you lose the
privilege. Works the same way with my 7 year old.

Re: FYI - Suspension of Cogent access to ARIN Whois

[Martin Hannigan]

On Tue, Jan 7, 2020 at 08:51 John Curran  wrote:

> On 7 Jan 2020, at 5:01 AM, Martijn Schmidt via NANOG 
> wrote:
> >
> > Out of curiosity, since we aren't affected by this ourselves, I know of
> cases where Cogent has sub-allocated IP space to its customers but which
> those customers originate from their own ASN and then announce to multiple
> upstream providers.
> >
> > So while the IP space is registered to Cogent and allocated to its
> customer, the AS-path might be something like ^174_456$ but it's entirely
> possible that ARIN would observe it as ^123_456$ instead. Are such IP
> address blocks affected by the suspension?
>
> As noted earlier, ARIN has suspended service for all Cogent-registered IP
> address blocks - this is being done as a discrete IP block access list
> applied to relevant ARIN Whois services, so the routing of the blocks are
> immaterial - a customer using a suballocation of Cogent space could be
> affected but customers with their own IP blocks blocks that are simply
> being routed by Cogent are not affected.



This is a disproportionate response IMHO. $0.02

YMMV,

-M<

Re: FYI - Suspension of Cogent access to ARIN Whois

[John Curran]

On 7 Jan 2020, at 5:01 AM, Martijn Schmidt via NANOG  wrote:
> 
> Out of curiosity, since we aren't affected by this ourselves, I know of cases 
> where Cogent has sub-allocated IP space to its customers but which those 
> customers originate from their own ASN and then announce to multiple upstream 
> providers.
> 
> So while the IP space is registered to Cogent and allocated to its customer, 
> the AS-path might be something like ^174_456$ but it's entirely possible that 
> ARIN would observe it as ^123_456$ instead. Are such IP address blocks 
> affected by the suspension?

As noted earlier, ARIN has suspended service for all Cogent-registered IP 
address blocks - this is being done as a discrete IP block access list applied 
to relevant ARIN Whois services, so the routing of the blocks are immaterial - 
a customer using a suballocation of Cogent space could be affected but 
customers with their own IP blocks blocks that are simply being routed by 
Cogent are not affected. 

FYI,
/John

John Curran
President and CEO
American Registry for Internet Numbers

Re: FYI - Suspension of Cogent access to ARIN Whois

[Mark Tinka]

On 7/Jan/20 13:12, Martijn Schmidt wrote:

> I don't think Cogent signed ROAs for any of their legacy IP space from
> which they make sub-allocations to customers.. so for networks doing ROV 
> it should just evaluate to an unknown state, rather than an invalid state.

Indeed... it was just a reminder to anyone at Cogent that looks after
BGP security (or any of their customers interested in the same) to keep
this in mind.

As part of our deployment of dropping Invalids across eBGP sessions with
customers in recent weeks, this is one of the issues we've come up
against numerous times. We were already against inconsistent AS
origination before RPKI; this emphasizes that issue without proper care
to the needs of RPKI.

Mark.

Re: FYI - Suspension of Cogent access to ARIN Whois

[Martijn Schmidt via NANOG]

On 1/7/20 11:16 AM, Mark Tinka wrote:
> Well, they would certainly be blocked by RPKI unless ROA's for those
> originations are created.
>
> Mark.
I don't think Cogent signed ROAs for any of their legacy IP space from 
which they make sub-allocations to customers.. so for networks doing ROV 
it should just evaluate to an unknown state, rather than an invalid state.

Best regards,
Martijn

Re: FYI - Suspension of Cogent access to ARIN Whois

[Mark Tinka]

On 7/Jan/20 12:01, Martijn Schmidt via NANOG wrote:
> Out of curiosity, since we aren't affected by this ourselves, I know
> of cases where Cogent has sub-allocated IP space to its customers but
> which those customers originate from their own ASN and then announce
> to multiple upstream providers.
>
> So while the IP space is registered to Cogent and allocated to its
> customer, the AS-path might be something like ^174_456$ but it's
> entirely possible that ARIN would observe it as ^123_456$ instead. Are
> such IP address blocks affected by the suspension?

Well, they would certainly be blocked by RPKI unless ROA's for those
originations are created.

Mark.

Re: FYI - Suspension of Cogent access to ARIN Whois

[Martijn Schmidt via NANOG]

Out of curiosity, since we aren't affected by this ourselves, I know of cases 
where Cogent has sub-allocated IP space to its customers but which those 
customers originate from their own ASN and then announce to multiple upstream 
providers.

So while the IP space is registered to Cogent and allocated to its customer, 
the AS-path might be something like ^174_456$ but it's entirely possible that 
ARIN would observe it as ^123_456$ instead. Are such IP address blocks affected 
by the suspension?

Best regards,
Martijn

On 1/7/20 5:30 AM, John Curran wrote:
ARIN has suspended service for all Cogent-registered IP address blocks.  
Customers with their own IP blocks blocks that are simply being announced by 
Cogent are not affected.

/John

John Curran
President and CEO
American Registry for Internet Numbers


On Jan 6, 2020, at 9:44 PM, Ross Tajvar  
wrote:


Yeah this raises a great point - I'm curious how ARIN is differentiating 
between cogent and cogens customers when monitoring for prohibited access. 
Particularly those customers whose IPs belong to and are announced by Cogent.

On Mon, Jan 6, 2020, 10:38 PM Martin Hannigan 
mailto:hanni...@gmail.com>> wrote:

— shifting a side thread


John,

I have no stake in this, so far, but I have a few questions.

Can you define exactly what services have been blocked? IRR/ROA/TLA registry 
updates, etc? Were they blocked ^174 or 174$? This is a precedent AFAIK. I’d 
like to understand consequences. In case I decide to attend Dave’s sales 
training? :-)

Cheers,

-M<



On Mon, Jan 6, 2020 at 10:45 John Curran 
mailto:jcur...@arin.net>> wrote:
On 22 Sep 2019, at 8:52 AM, Tim Burke mailto:t...@tburke.us>> 
wrote:

That is just The Cogent Way™, unfortunately. I just had (yet another) Cogent 
rep spam me using an email address that is _only_ used as an ARIN contact, 
trying to sell me bandwidth. When I called him out on it, with 
complia...@arin.net CCed, he backpedaled and 
claimed to obtain my information from Google.

ARIN has repeatedly informed Cogent that their use of the ARIN Whois for 
solicitation is contrary to the terms of use and that they must stop.  Despite 
ARIN’s multiple written demands to Cogent to cease these prohibited activities, 
ARIN has continued to receive complaints from registrants that Cogent continues 
to engage in these prohibited solicitation activities.

For this reason, ARIN has suspended Cogent Communications’ use of ARIN’s Whois 
database effective today and continuing for a period of six months.  For 
additional details please refer to 
https://www.arin.net/vault/about_us/corp_docs/20200106_whois_tos_violation.pdf  
  ARIN will restore Cogent’s access to the Whois database at an earlier time if 
Cogent meets certain conditions, including instructing its sales personnel not 
to engage in the prohibited solicitation activities.

Given the otherwise general availability of ARIN Whois, it is quite possible 
that Cogent personnel may evade the suspension via various means and continue 
their solicitation.  If that does occur, please inform us (via 
complia...@arin.net), as ARIN is prepared to extend 
the suspension and/or bring appropriate legal action.

FYI,
/John

John Curran
President and CEO
American Registry for Internet Numbers

Re: FYI - Suspension of Cogent access to ARIN Whois

[Eric Kuhnke]

I have two separate entries for sets of phone numbers/email addresses,
associated with my name, that must be in Cogent's CRM system as cold leads.

About every six months I am contacted by a new person whom I've never heard
of before. My theory is that each newbie Cogent sales rep has been assigned
a bunch of random cold leads to call and attempt to sell.

The most recent tactic is to request 1 or 10Gb IP transit at impossible to
service sites, such as AT Long Lines towers on top of 1000 meter high
mountains, in Deadhorse Alaska, or the CLLI codes for the COs of tiny
coastal villages on Vancouver Island, British Columbia.

Invariably I never hear anything back from that person again.

The cycle repeats again six months later.



On Tue, Jan 7, 2020 at 1:12 AM Töma Gavrichenkov  wrote:

> Peace,
>
> On Mon, Jan 6, 2020 at 7:17 PM David Hubbard
>  wrote:
> > When they spam me I typically just ask if they have
> > IPv6 to Google and never hear back…
>
> Same here.  Each time they reach out to me I quickly send them to
> investigate if they are able to lift the stupid 100th percentile
> requirement Cogent imposes on us or not yet.  Total Cogent sales rep
> hours wasted with me: a few hundred I believe.
>
> Gonna think about automating this, but am a bit concerned about the
> climate impact.
>
> --
> Töma
>

Re: FYI - Suspension of Cogent access to ARIN Whois

[Tore Anderson]

* David Guo via NANOG

> Good News! But we still received several spams from Cogent for our RIPE and 
> APNIC ASNs.

If you are an EU/EEA citizen, you may object to their use of your personal 
information for marketing purposes (or for any purpose at all), as well as 
request erasure.

(Note: these rights do not extend to impersonal role addresses like 
n...@example.com or hostmas...@example.com.)

According to https://www.cogentco.com/en/cogent-gdpr/data-privacy, this should 
be done by sending e-mail to datapriv...@cogentco.com.

There is no circumstance in which a company can legally refuse an objection to 
processing of personal information for marketing purposes. Therefore, should 
they refuse (or claim compliance but continue to spam you), you have standing 
to file a complaint with your national data protection agency.

A DPA is competent to levy fines for violations of the GDPR of up to €20M or 4% 
of annual global revenue, so there is a certain incentive to respect such 
objections.

(It might be that citizens of California have similar rights under the CCPA, 
which came into force last week.)

Tore

Re: FYI - Suspension of Cogent access to ARIN Whois

[Töma Gavrichenkov]

Peace,

On Mon, Jan 6, 2020 at 7:17 PM David Hubbard
 wrote:
> When they spam me I typically just ask if they have
> IPv6 to Google and never hear back…

Same here.  Each time they reach out to me I quickly send them to
investigate if they are able to lift the stupid 100th percentile
requirement Cogent imposes on us or not yet.  Total Cogent sales rep
hours wasted with me: a few hundred I believe.

Gonna think about automating this, but am a bit concerned about the
climate impact.

--
Töma

Re: FYI - Suspension of Cogent access to ARIN Whois

[Töma Gavrichenkov]

Peace,

On Tue, Jan 7, 2020 at 6:36 AM Martin Hannigan  wrote:
> Can you define exactly what services have been blocked?
> IRR/ROA/TLA registry updates, etc? Were they blocked
> ^174 or 174$? This is a precedent AFAIK. I’d like to
> understand consequences.

+1

--
Töma

Re: FYI - Suspension of Cogent access to ARIN Whois

[John Curran]

On 6 Jan 2020, at 11:43 PM, Stephen Wilcox 
mailto:swil...@ixreach.com>> wrote:

Out of interest, what does it take to have an ARIN contract or core ARIN 
services revoked? Is there such a threshold, does breach of contract ever 
result in consequential action?

This seems more like a talking point than an act with teeth to it…

Steve -

This action is due to misuse of ARIN’s Whois services: specifically, 
organizations that routinely misuse the Whois data risk losing access to the 
information.

As I noted elsewhere, it is possible for the suspension of access to Whois to 
be technically circumvented, but ARIN still has to take abuse of the data 
seriously because our customers make their contact data available specifically 
for facilitating network operations, and this includes terminating or 
suspending access to the Whois service for those who chronically fail to comply 
with the terms of use, such as those who repeatedly violate the prohibition on 
marketing & solicitation using ARIN Whois data.

It is also possible that such misuse of ARIN Whois is a violation of ARIN’s 
registration services agreement (which provides for more significant recourse 
such as resource revocation), but ARIN is simply suspending access to the Whois 
service as that action directly corresponds to (and helps mitigate) the 
specific terms of use violation.

Thanks,
/John

John Curran
President and CEO
American Registry for Internet Numbers

Re: FYI - Suspension of Cogent access to ARIN Whois

[TJ Trout]

very interesting, so it will have quite a bit of collateral impact on
innocent cogent customers? I like this, because merely removing cogents
access probably wouldn't sway them much.

On Mon, Jan 6, 2020 at 8:30 PM John Curran  wrote:

> ARIN has suspended service for all Cogent-registered IP address blocks.
> Customers with their own IP blocks blocks that are simply being announced
> by Cogent are not affected.
>
> /John
>
> John Curran
> President and CEO
> American Registry for Internet Numbers
>
>
> On Jan 6, 2020, at 9:44 PM, Ross Tajvar  wrote:
>
> 
> Yeah this raises a great point - I'm curious how ARIN is differentiating
> between cogent and cogens customers when monitoring for prohibited access.
> Particularly those customers whose IPs belong to and are announced by
> Cogent.
>
> On Mon, Jan 6, 2020, 10:38 PM Martin Hannigan  wrote:
>
>>
>> — shifting a side thread
>>
>>
>> John,
>>
>> I have no stake in this, so far, but I have a few questions.
>>
>> Can you define exactly what services have been blocked? IRR/ROA/TLA
>> registry updates, etc? Were they blocked ^174 or 174$? This is a precedent
>> AFAIK. I’d like to understand consequences. In case I decide to attend
>> Dave’s sales training? :-)
>>
>> Cheers,
>>
>> -M<
>>
>>
>>
>> On Mon, Jan 6, 2020 at 10:45 John Curran  wrote:
>>
>>> On 22 Sep 2019, at 8:52 AM, Tim Burke  wrote:
>>>
>>>
>>> That is just The Cogent Way™, unfortunately. I just had (yet another)
>>> Cogent rep spam me using an email address that is _only_ used as an ARIN
>>> contact, trying to sell me bandwidth. When I called him out on it, with
>>> complia...@arin.net CCed, he backpedaled and claimed to obtain my
>>> information from Google.
>>>
>>>
>>> ARIN has repeatedly informed Cogent that their use of the ARIN Whois for
>>> solicitation is contrary to the terms of use and that they must stop.
>>> Despite ARIN’s multiple written demands to Cogent to cease these prohibited
>>> activities, ARIN has continued to receive complaints from registrants that
>>> Cogent continues to engage in these prohibited solicitation activities.
>>>
>>> For this reason, ARIN has suspended Cogent Communications’ use of
>>> ARIN’s Whois database effective today and continuing for a period of six
>>> months.  For additional details please refer to
>>> https://www.arin.net/vault/about_us/corp_docs/20200106_whois_tos_violation.pdf
>>>ARIN will restore Cogent’s access to the Whois database at an earlier
>>> time if Cogent meets certain conditions, including instructing its sales
>>> personnel not to engage in the prohibited solicitation activities.
>>>
>>> Given the otherwise general availability of ARIN Whois, it is quite
>>> possible that Cogent personnel may evade the suspension via various means
>>> and continue their solicitation.  If that does occur, please inform us (via
>>> complia...@arin.net), as ARIN is prepared to extend the suspension
>>> and/or bring appropriate legal action.
>>>
>>> FYI,
>>> /John
>>>
>>> John Curran
>>> President and CEO
>>> American Registry for Internet Numbers
>>>
>>>
>>>
>>>
>>>
>>>
>>>

Re: FYI - Suspension of Cogent access to ARIN Whois

[John Curran]

ARIN has suspended service for all Cogent-registered IP address blocks.  
Customers with their own IP blocks blocks that are simply being announced by 
Cogent are not affected.

/John

John Curran
President and CEO
American Registry for Internet Numbers


On Jan 6, 2020, at 9:44 PM, Ross Tajvar  wrote:

?
Yeah this raises a great point - I'm curious how ARIN is differentiating 
between cogent and cogens customers when monitoring for prohibited access. 
Particularly those customers whose IPs belong to and are announced by Cogent.

On Mon, Jan 6, 2020, 10:38 PM Martin Hannigan 
mailto:hanni...@gmail.com>> wrote:

- shifting a side thread


John,

I have no stake in this, so far, but I have a few questions.

Can you define exactly what services have been blocked? IRR/ROA/TLA registry 
updates, etc? Were they blocked ^174 or 174$? This is a precedent AFAIK. I'd 
like to understand consequences. In case I decide to attend Dave's sales 
training? :-)

Cheers,

-M<



On Mon, Jan 6, 2020 at 10:45 John Curran 
mailto:jcur...@arin.net>> wrote:
On 22 Sep 2019, at 8:52 AM, Tim Burke mailto:t...@tburke.us>> 
wrote:

That is just The Cogent Way(tm), unfortunately. I just had (yet another) Cogent 
rep spam me using an email address that is _only_ used as an ARIN contact, 
trying to sell me bandwidth. When I called him out on it, with 
complia...@arin.net CCed, he backpedaled and 
claimed to obtain my information from Google.

ARIN has repeatedly informed Cogent that their use of the ARIN Whois for 
solicitation is contrary to the terms of use and that they must stop.  Despite 
ARIN's multiple written demands to Cogent to cease these prohibited activities, 
ARIN has continued to receive complaints from registrants that Cogent continues 
to engage in these prohibited solicitation activities.

For this reason, ARIN has suspended Cogent Communications' use of ARIN's Whois 
database effective today and continuing for a period of six months.  For 
additional details please refer to 
https://www.arin.net/vault/about_us/corp_docs/20200106_whois_tos_violation.pdf  
  ARIN will restore Cogent's access to the Whois database at an earlier time if 
Cogent meets certain conditions, including instructing its sales personnel not 
to engage in the prohibited solicitation activities.

Given the otherwise general availability of ARIN Whois, it is quite possible 
that Cogent personnel may evade the suspension via various means and continue 
their solicitation.  If that does occur, please inform us (via 
complia...@arin.net), as ARIN is prepared to extend 
the suspension and/or bring appropriate legal action.

FYI,
/John

John Curran
President and CEO
American Registry for Internet Numbers

Re: FYI - Suspension of Cogent access to ARIN Whois

[Ross Tajvar]

Yeah this raises a great point - I'm curious how ARIN is differentiating
between cogent and cogens customers when monitoring for prohibited access.
Particularly those customers whose IPs belong to and are announced by
Cogent.

On Mon, Jan 6, 2020, 10:38 PM Martin Hannigan  wrote:

>
> — shifting a side thread
>
>
> John,
>
> I have no stake in this, so far, but I have a few questions.
>
> Can you define exactly what services have been blocked? IRR/ROA/TLA
> registry updates, etc? Were they blocked ^174 or 174$? This is a precedent
> AFAIK. I’d like to understand consequences. In case I decide to attend
> Dave’s sales training? :-)
>
> Cheers,
>
> -M<
>
>
>
> On Mon, Jan 6, 2020 at 10:45 John Curran  wrote:
>
>> On 22 Sep 2019, at 8:52 AM, Tim Burke  wrote:
>>
>>
>> That is just The Cogent Way™, unfortunately. I just had (yet another)
>> Cogent rep spam me using an email address that is _only_ used as an ARIN
>> contact, trying to sell me bandwidth. When I called him out on it, with
>> complia...@arin.net CCed, he backpedaled and claimed to obtain my
>> information from Google.
>>
>>
>> ARIN has repeatedly informed Cogent that their use of the ARIN Whois for
>> solicitation is contrary to the terms of use and that they must stop.
>> Despite ARIN’s multiple written demands to Cogent to cease these prohibited
>> activities, ARIN has continued to receive complaints from registrants that
>> Cogent continues to engage in these prohibited solicitation activities.
>>
>> For this reason, ARIN has suspended Cogent Communications’ use of
>> ARIN’s Whois database effective today and continuing for a period of six
>> months.  For additional details please refer to
>> https://www.arin.net/vault/about_us/corp_docs/20200106_whois_tos_violation.pdf
>>ARIN will restore Cogent’s access to the Whois database at an earlier
>> time if Cogent meets certain conditions, including instructing its sales
>> personnel not to engage in the prohibited solicitation activities.
>>
>> Given the otherwise general availability of ARIN Whois, it is quite
>> possible that Cogent personnel may evade the suspension via various means
>> and continue their solicitation.  If that does occur, please inform us (via
>> complia...@arin.net), as ARIN is prepared to extend the suspension
>> and/or bring appropriate legal action.
>>
>> FYI,
>> /John
>>
>> John Curran
>> President and CEO
>> American Registry for Internet Numbers
>>
>>
>>
>>
>>
>>
>>

Re: FYI - Suspension of Cogent access to ARIN Whois

[Martin Hannigan]

— shifting a side thread


John,

I have no stake in this, so far, but I have a few questions.

Can you define exactly what services have been blocked? IRR/ROA/TLA
registry updates, etc? Were they blocked ^174 or 174$? This is a precedent
AFAIK. I’d like to understand consequences. In case I decide to attend
Dave’s sales training? :-)

Cheers,

-M<



On Mon, Jan 6, 2020 at 10:45 John Curran  wrote:

> On 22 Sep 2019, at 8:52 AM, Tim Burke  wrote:
>
>
> That is just The Cogent Way™, unfortunately. I just had (yet another)
> Cogent rep spam me using an email address that is _only_ used as an ARIN
> contact, trying to sell me bandwidth. When I called him out on it, with
> complia...@arin.net CCed, he backpedaled and claimed to obtain my
> information from Google.
>
>
> ARIN has repeatedly informed Cogent that their use of the ARIN Whois for
> solicitation is contrary to the terms of use and that they must stop.
> Despite ARIN’s multiple written demands to Cogent to cease these prohibited
> activities, ARIN has continued to receive complaints from registrants that
> Cogent continues to engage in these prohibited solicitation activities.
>
> For this reason, ARIN has suspended Cogent Communications’ use of
> ARIN’s Whois database effective today and continuing for a period of six
> months.  For additional details please refer to
> https://www.arin.net/vault/about_us/corp_docs/20200106_whois_tos_violation.pdf
>ARIN will restore Cogent’s access to the Whois database at an earlier
> time if Cogent meets certain conditions, including instructing its sales
> personnel not to engage in the prohibited solicitation activities.
>
> Given the otherwise general availability of ARIN Whois, it is quite
> possible that Cogent personnel may evade the suspension via various means
> and continue their solicitation.  If that does occur, please inform us (via
> complia...@arin.net), as ARIN is prepared to extend the suspension
> and/or bring appropriate legal action.
>
> FYI,
> /John
>
> John Curran
> President and CEO
> American Registry for Internet Numbers
>
>
>
>
>
>
>

Re: FYI - Suspension of Cogent access to ARIN Whois

[Christian Seitz]

Am 06.01.20 um 16:58 schrieb David Guo via NANOG:
> Good News! But we still received several spams from Cogent for our RIPE
> and APNIC ASNs.
They seem to look at changes in more databases than just ARIN...

Several months ago I received a new ASN from RIPE for a company that is in
business for more than 25 years now, but always used static routing for their
PI space from one transit provider. 2 days after the ASN has been registered
in the RIPE database somebody from Cogent called me as the admin-c and asked
if we need transit for the new ASN or help with BGP.

Also, as we all know, Cogent calls or sends emails every few months although
you tell them to remove your contact details from their database. Once in,
never out...

P.S.: Thanks to ARIN for blocking Cogent from the database. Others should do
the same until Cogent stops spamming the contacts for sales reasons.

Chris

FYI - Suspension of Cogent access to ARIN Whois

[John Curran]

ARIN has repeatedly informed Cogent that their use of the ARIN Whois for 
solicitation is contrary to the terms of use and that they must stop.  Despite 
ARIN’s multiple written demands to Cogent to cease these prohibited activities, 
ARIN has continued to receive complaints from registrants that Cogent continues 
to engage in these prohibited solicitation activities.

For this reason, ARIN has suspended Cogent Communications’ use of ARIN’s Whois 
database effective today and continuing for a period of six months.  For 
additional details please refer to 
https://www.arin.net/vault/about_us/corp_docs/20200106_whois_tos_violation.pdf  
  ARIN will restore Cogent’s access to the Whois database at an earlier time if 
Cogent meets certain conditions, including instructing its sales personnel not 
to engage in the prohibited solicitation activities.

Given the otherwise general availability of ARIN Whois, it is quite possible 
that Cogent personnel may evade the suspension via various means and continue 
their solicitation.  If that does occur, please inform us (via 
complia...@arin.net), as ARIN is prepared to extend 
the suspension and/or bring appropriate legal action.

FYI,
/John

John Curran
President and CEO
American Registry for Internet Numbers

(By request of some readers, this is being resent as separate thread for better 
visibility.)

Re: FYI - Suspension of Cogent access to ARIN Whois

[David Hubbard]

When they spam me I typically just ask if they have IPv6 to Google and never 
hear back…

From: NANOG  on behalf of David Guo via NANOG 

Reply-To: David Guo 
Date: Monday, January 6, 2020 at 11:06 AM
To: John Curran , "nanog@nanog.org" 
Subject: RE: FYI - Suspension of Cogent access to ARIN Whois

Good News! But we still received several spams from Cogent for our RIPE and 
APNIC ASNs.

From: NANOG  On Behalf Of John Curran
Sent: Monday, January 6, 2020 11:43 PM
To: nanog@nanog.org
Subject: FYI - Suspension of Cogent access to ARIN Whois
Importance: High

On 22 Sep 2019, at 8:52 AM, Tim Burke mailto:t...@tburke.us>> 
wrote:

That is just The Cogent Way™, unfortunately. I just had (yet another) Cogent 
rep spam me using an email address that is _only_ used as an ARIN contact, 
trying to sell me bandwidth. When I called him out on it, with 
complia...@arin.net<mailto:complia...@arin.net> CCed, he backpedaled and 
claimed to obtain my information from Google.

ARIN has repeatedly informed Cogent that their use of the ARIN Whois for 
solicitation is contrary to the terms of use and that they must stop.  Despite 
ARIN’s multiple written demands to Cogent to cease these prohibited activities, 
ARIN has continued to receive complaints from registrants that Cogent continues 
to engage in these prohibited solicitation activities.

For this reason, ARIN has suspended Cogent Communications’ use of ARIN’s Whois 
database effective today and continuing for a period of six months.  For 
additional details please refer to 
https://www.arin.net/vault/about_us/corp_docs/20200106_whois_tos_violation.pdf  
  ARIN will restore Cogent’s access to the Whois database at an earlier time if 
Cogent meets certain conditions, including instructing its sales personnel not 
to engage in the prohibited solicitation activities.

Given the otherwise general availability of ARIN Whois, it is quite possible 
that Cogent personnel may evade the suspension via various means and continue 
their solicitation.  If that does occur, please inform us (via 
complia...@arin.net<mailto:complia...@arin.net>), as ARIN is prepared to extend 
the suspension and/or bring appropriate legal action.

FYI,
/John

John Curran
President and CEO
American Registry for Internet Numbers

RE: FYI - Suspension of Cogent access to ARIN Whois

[David Guo via NANOG]

Good News! But we still received several spams from Cogent for our RIPE and 
APNIC ASNs.

From: NANOG  On Behalf Of John Curran
Sent: Monday, January 6, 2020 11:43 PM
To: nanog@nanog.org
Subject: FYI - Suspension of Cogent access to ARIN Whois
Importance: High

On 22 Sep 2019, at 8:52 AM, Tim Burke mailto:t...@tburke.us>> 
wrote:

That is just The Cogent Way™, unfortunately. I just had (yet another) Cogent 
rep spam me using an email address that is _only_ used as an ARIN contact, 
trying to sell me bandwidth. When I called him out on it, with 
complia...@arin.net<mailto:complia...@arin.net> CCed, he backpedaled and 
claimed to obtain my information from Google.

ARIN has repeatedly informed Cogent that their use of the ARIN Whois for 
solicitation is contrary to the terms of use and that they must stop.  Despite 
ARIN’s multiple written demands to Cogent to cease these prohibited activities, 
ARIN has continued to receive complaints from registrants that Cogent continues 
to engage in these prohibited solicitation activities.

For this reason, ARIN has suspended Cogent Communications’ use of ARIN’s Whois 
database effective today and continuing for a period of six months.  For 
additional details please refer to 
https://www.arin.net/vault/about_us/corp_docs/20200106_whois_tos_violation.pdf  
  ARIN will restore Cogent’s access to the Whois database at an earlier time if 
Cogent meets certain conditions, including instructing its sales personnel not 
to engage in the prohibited solicitation activities.

Given the otherwise general availability of ARIN Whois, it is quite possible 
that Cogent personnel may evade the suspension via various means and continue 
their solicitation.  If that does occur, please inform us (via 
complia...@arin.net<mailto:complia...@arin.net>), as ARIN is prepared to extend 
the suspension and/or bring appropriate legal action.

FYI,
/John

John Curran
President and CEO
American Registry for Internet Numbers

Re: FYI - Suspension of Cogent access to ARIN Whois

[chris]

thank you thank you thank you

On Mon, Jan 6, 2020 at 10:44 AM John Curran  wrote:

> On 22 Sep 2019, at 8:52 AM, Tim Burke  wrote:
>
>
> That is just The Cogent Way™, unfortunately. I just had (yet another)
> Cogent rep spam me using an email address that is _only_ used as an ARIN
> contact, trying to sell me bandwidth. When I called him out on it, with
> complia...@arin.net CCed, he backpedaled and claimed to obtain my
> information from Google.
>
>
> ARIN has repeatedly informed Cogent that their use of the ARIN Whois for
> solicitation is contrary to the terms of use and that they must stop.
> Despite ARIN’s multiple written demands to Cogent to cease these prohibited
> activities, ARIN has continued to receive complaints from registrants that
> Cogent continues to engage in these prohibited solicitation activities.
>
> For this reason, ARIN has suspended Cogent Communications’ use of
> ARIN’s Whois database effective today and continuing for a period of six
> months.  For additional details please refer to
> https://www.arin.net/vault/about_us/corp_docs/20200106_whois_tos_violation.pdf
>ARIN will restore Cogent’s access to the Whois database at an earlier
> time if Cogent meets certain conditions, including instructing its sales
> personnel not to engage in the prohibited solicitation activities.
>
> Given the otherwise general availability of ARIN Whois, it is quite
> possible that Cogent personnel may evade the suspension via various means
> and continue their solicitation.  If that does occur, please inform us (via
> complia...@arin.net), as ARIN is prepared to extend the suspension
> and/or bring appropriate legal action.
>
> FYI,
> /John
>
> John Curran
> President and CEO
> American Registry for Internet Numbers
>
>
>
>
>
>
>

FYI - Suspension of Cogent access to ARIN Whois

[John Curran]

On 22 Sep 2019, at 8:52 AM, Tim Burke mailto:t...@tburke.us>> 
wrote:

That is just The Cogent Way™, unfortunately. I just had (yet another) Cogent 
rep spam me using an email address that is _only_ used as an ARIN contact, 
trying to sell me bandwidth. When I called him out on it, with 
complia...@arin.net CCed, he backpedaled and 
claimed to obtain my information from Google.

ARIN has repeatedly informed Cogent that their use of the ARIN Whois for 
solicitation is contrary to the terms of use and that they must stop.  Despite 
ARIN’s multiple written demands to Cogent to cease these prohibited activities, 
ARIN has continued to receive complaints from registrants that Cogent continues 
to engage in these prohibited solicitation activities.

For this reason, ARIN has suspended Cogent Communications’ use of ARIN’s Whois 
database effective today and continuing for a period of six months.  For 
additional details please refer to 
https://www.arin.net/vault/about_us/corp_docs/20200106_whois_tos_violation.pdf  
  ARIN will restore Cogent’s access to the Whois database at an earlier time if 
Cogent meets certain conditions, including instructing its sales personnel not 
to engage in the prohibited solicitation activities.

Given the otherwise general availability of ARIN Whois, it is quite possible 
that Cogent personnel may evade the suspension via various means and continue 
their solicitation.  If that does occur, please inform us (via 
complia...@arin.net), as ARIN is prepared to extend 
the suspension and/or bring appropriate legal action.

FYI,
/John

John Curran
President and CEO
American Registry for Internet Numbers