From snash at arbor.net Fri Feb 1 11:51:45 2013 From: snash at arbor.net (Nash, Steve) Date: Fri, 1 Feb 2013 10:51:45 +0000 Subject: [anti-abuse-wg] RIPE response to Terrorist use of the Internet - CleanIT Message-ID: <8889DC743021D34399AB2D4981985CFB162FCE7D0A@MBX21.EXCHPROD.USA.NET> CleanIT (www.cleanitproject.eu/wp-content/uploads/2013/01/Reducing-terrorist-use-of-the-internet.pdf ) seems to me to be a useful report asking governments to facilitate awareness and fund "referral units", and "Internet Companies" to provide reasonable end-user feedback mechanisms on suspected Terrorist Internet use. - Terrorist use of the Internet is not a subject that fits into the remit of any one RIPE WG. - One might consider such use to be Abuse, but the current charter of Anti Abuse excludes dealing with illegal content. - This subject may also be considered to require specialist attention that not all members of any existing WG would wish to follow. Do we need a new WG, or do we need a sub-WG list within an existing WG? I do think it is important that RIPE responds to the report in some way, otherwise RIPE will be considered as disinterested, and not necessarily engaged in future dialogue. Regards Steve Nash Steve.nash at theiet.org -----Original Message----- From: cooperation-wg-bounces at ripe.net [mailto:cooperation-wg-bounces at ripe.net] On Behalf Of Patrik F?ltstr?m Sent: 31 January 2013 12:34 To: Brian Nisbet Cc: cooperation-wg at ripe.net; anti-abuse-wg at ripe.net Subject: Re: [cooperation-wg] CleanIT Update Brian, I am sure many people on the coop wg is interested in this work, so thank you for copying the mailing list. Patrik F?ltstr?m Co-chair cooperation working group On 31 jan 2013, at 12:55, Brian Nisbet wrote: > Colleagues, > > (And cross posted to the Cooperation WG as it may be something interesting for them also.) > > You may be aware of the the CleanIT project http://www.cleanitproject.eu/ > > This project has presented to the AA-WG at two RIPE meetings and Tobias and I said we would keep the working group up to date. The final document of the project was officially published yesterday in Brussels and handed over to the EU Counter Terrorism Coordinator Gilles de Kerchove. More information, including a download link for the document can be found here: > > http://www.cleanitproject.eu/final-document-clean-it-published/ > > It is unclear at present whether there will be any follow-up to the project, but various parties wish to investigate possibilities. > > If there are any further moves or projects to come out of this, we will let the AA-WG know. > > Brian > From brian.nisbet at heanet.ie Fri Feb 1 15:41:15 2013 From: brian.nisbet at heanet.ie (Brian Nisbet) Date: Fri, 01 Feb 2013 14:41:15 +0000 Subject: [anti-abuse-wg] RIPE response to Terrorist use of the Internet - CleanIT In-Reply-To: <8889DC743021D34399AB2D4981985CFB162FCE7D0A@MBX21.EXCHPROD.USA.NET> References: <8889DC743021D34399AB2D4981985CFB162FCE7D0A@MBX21.EXCHPROD.USA.NET> Message-ID: <510BD40B.8050204@heanet.ie> Steve, I strongly believe we do not need a new WG to address this. You are correct that this matter doesn't strictly fit into the AA-WG Charter, it's more an accident of timing that brought us together. Nobody has raised an objection before now, but if the community would prefer this to be dealt with by another WG, we can easily work on that. I would also point out that both the RIPE community and the RIPE NCC have clearly demonstrated their interest in this process and project. We have been active participants since the beginning of the project and both Tobias and I were at the meeting in Brussels, as were Athina Fragkouli and Andrew de la Haye from the RIPE NCC. There is no question that the people involved in this project would involve both the NCC and the community in any future work. I'm not sure what kind of response you had in mind? Brian Nash, Steve wrote the following on 01/02/2013 10:51: > CleanIT (www.cleanitproject.eu/wp-content/uploads/2013/01/Reducing-terrorist-use-of-the-internet.pdf ) seems to me to be a useful report asking governments to facilitate awareness and fund "referral units", and "Internet Companies" to provide reasonable end-user feedback mechanisms on suspected Terrorist Internet use. > > - Terrorist use of the Internet is not a subject that fits into the remit of any one RIPE WG. > - One might consider such use to be Abuse, but the current charter of Anti Abuse excludes dealing with illegal content. > - This subject may also be considered to require specialist attention that not all members of any existing WG would wish to follow. > > Do we need a new WG, or do we need a sub-WG list within an existing WG? > > I do think it is important that RIPE responds to the report in some way, otherwise RIPE will be considered as disinterested, and not necessarily engaged in future dialogue. > > Regards > Steve Nash > Steve.nash at theiet.org > > > > > > -----Original Message----- > From: cooperation-wg-bounces at ripe.net [mailto:cooperation-wg-bounces at ripe.net] On Behalf Of Patrik F?ltstr?m > Sent: 31 January 2013 12:34 > To: Brian Nisbet > Cc: cooperation-wg at ripe.net; anti-abuse-wg at ripe.net > Subject: Re: [cooperation-wg] CleanIT Update > > Brian, > > I am sure many people on the coop wg is interested in this work, so thank you for copying the mailing list. > > Patrik F?ltstr?m > Co-chair cooperation working group > > On 31 jan 2013, at 12:55, Brian Nisbet wrote: > >> Colleagues, >> >> (And cross posted to the Cooperation WG as it may be something interesting for them also.) >> >> You may be aware of the the CleanIT project http://www.cleanitproject.eu/ >> >> This project has presented to the AA-WG at two RIPE meetings and Tobias and I said we would keep the working group up to date. The final document of the project was officially published yesterday in Brussels and handed over to the EU Counter Terrorism Coordinator Gilles de Kerchove. More information, including a download link for the document can be found here: >> >> http://www.cleanitproject.eu/final-document-clean-it-published/ >> >> It is unclear at present whether there will be any follow-up to the project, but various parties wish to investigate possibilities. >> >> If there are any further moves or projects to come out of this, we will let the AA-WG know. >> >> Brian >> > > > From jim at rfc1035.com Fri Feb 1 16:10:57 2013 From: jim at rfc1035.com (Jim Reid) Date: Fri, 1 Feb 2013 15:10:57 +0000 Subject: [anti-abuse-wg] [cooperation-wg] RIPE response to Terrorist use of the Internet - CleanIT In-Reply-To: <8889DC743021D34399AB2D4981985CFB162FCE7D0A@MBX21.EXCHPROD.USA.NET> References: <8889DC743021D34399AB2D4981985CFB162FCE7D0A@MBX21.EXCHPROD.USA.NET> Message-ID: <9102821F-D8D0-4202-A488-315DBF65FB19@rfc1035.com> On 1 Feb 2013, at 10:51, "Nash, Steve" wrote: > - Terrorist use of the Internet is not a subject that fits into the remit of any one RIPE WG. > - One might consider such use to be Abuse, but the current charter of Anti Abuse excludes dealing with illegal content. > - This subject may also be considered to require specialist attention that not all members of any existing WG would wish to follow. It's almost impossible to come up with a consensus definition of terrorism for just one country, let alone across the RIPE service region. Consensus on a region-wide definition of illegal content seems unlikely too. So I suggest we don't go down those rat-holes. Instead we should engage with law enforcement and governments to reach a common understanding on what practical steps can be taken or are being taken, discuss the legal/technical issues, develop processes for exchanging information, doing liaison and outreach, etc. IIUC this is already happening. > Do we need a new WG, or do we need a sub-WG list within an existing WG? No. IMO the current arrangements seem to be fine. IIUC NCC staff and representatives of relevant WGs are already involved in this project and engage more generally with governments and law enforcement on things like crime prevention and counterterrorism. If the existing arrangements are not working, we first need to find out why before deciding how to fix the problem(s). Creating a new WG or a Task Force (say) seems to be putting the cart before the horse. Even more so when it's not clear what's broken or needs to be fixed. Do you have any insight that the community's current activities in this area are unsatisfactory? Can you explain how a new WG or whatever would improve matters? > I do think it is important that RIPE responds to the report in some way, otherwise RIPE will be considered as disinterested, and not necessarily engaged in future dialogue. RIPE and the NCC are already engaged AFAICT. From julien at tayon.net Fri Feb 1 16:47:48 2013 From: julien at tayon.net (julien tayon) Date: Fri, 1 Feb 2013 10:47:48 -0500 Subject: [anti-abuse-wg] [cooperation-wg] RIPE response to Terrorist use of the Internet - CleanIT In-Reply-To: <9102821F-D8D0-4202-A488-315DBF65FB19@rfc1035.com> References: <8889DC743021D34399AB2D4981985CFB162FCE7D0A@MBX21.EXCHPROD.USA.NET> <9102821F-D8D0-4202-A488-315DBF65FB19@rfc1035.com> Message-ID: 2013/2/1 Jim Reid > On 1 Feb 2013, at 10:51, "Nash, Steve" wrote: > > > - Terrorist use of the Internet is not a subject that fits into the > remit of any one RIPE WG. > > - One might consider such use to be Abuse, but the current charter of > Anti Abuse excludes dealing with illegal content. > > - This subject may also be considered to require specialist attention > that not all members of any existing WG would wish to follow. > > It's almost impossible to come up with a consensus definition of terrorism > for just one country, let alone across the RIPE service region. Consensus > on a region-wide definition of illegal content seems unlikely too. So I > suggest we don't go down those rat-holes. Instead we should engage with law > enforcement and governments to reach a common understanding on what > practical steps can be taken or are being taken, discuss the > legal/technical issues, develop processes for exchanging information, doing > liaison and outreach, etc. IIUC this is already happening. > > > Do we need a new WG, or do we need a sub-WG list within an existing WG? > > No. IMO the current arrangements seem to be fine. IIUC NCC staff and > representatives of relevant WGs are already involved in this project and > engage more generally with governments and law enforcement on things like > crime prevention and counterterrorism. If the existing arrangements are not > working, we first need to find out why before deciding how to fix the > problem(s). Creating a new WG or a Task Force (say) seems to be putting the > cart before the horse. Even more so when it's not clear what's broken or > needs to be fixed. > > Do you have any insight that the community's current activities in this > area are unsatisfactory? Can you explain how a new WG or whatever would > improve matters? > > > I do think it is important that RIPE responds to the report in some way, > otherwise RIPE will be considered as disinterested, and not necessarily > engaged in future dialogue. > > RIPE and the NCC are already engaged AFAICT. > > So IETF is (thus internet) is above the ?wire? and below the application. RIPE is a (big) RIR is delivering IP/AS: it is clearly in the realm described earlier and in the RIR policy stuff. Terrorism is an highly politicial content and behaviour based definition, it is way up the level of application. So it seems to me it is clearly not relevant to treat terrorism threat at the media level. Should the media be aware of the content? Yes, if like louis XIV you want to create patent for editing in order to censor the ideas. The printing was not responsible for the fall of monarchy, it was the ideas. You don't fight ideas by fighting the media that carries them. You fight them with education. For the record France is not a monarchy anymore and ?Colporteur? (alternative reseller of books printed in Holland) made the idea spread whatever the illusion of control the monarchy had. History repeats itself, you can try to control media to fight idea, but it is inefficient and counterproductive. Legit citizens that read the RIPE mailing list will at a moment or another blow the whistle regarding their concern of a techno censorship. I am disappointed by RIPE an organisation based in the country that so dearly protected the spread of ideas that were considered ?terrorists? by the monarchy, and a major actor in the ?Philosophie des Lumi?res? to side with the actual initiative for obscurantism. -------------- next part -------------- An HTML attachment was scrubbed... URL: From michieldeweger at centuryconsulting.nl Fri Feb 1 18:28:57 2013 From: michieldeweger at centuryconsulting.nl (Dr Michiel de Weger) Date: Fri, 1 Feb 2013 18:28:57 +0100 Subject: [anti-abuse-wg] RIPE response to Terrorist use of the Internet -CleanIT Message-ID: <0BF05B5C231542B495CD7C24520F6AEF.MAI@hostingenregistratie.nl> An HTML attachment was scrubbed... URL: From jrace at attglobal.net Sat Feb 2 17:51:59 2013 From: jrace at attglobal.net (Jeffrey Race) Date: Sat, 02 Feb 2013 11:51:59 -0500 Subject: [anti-abuse-wg] No e-mail contact in RIPE d/b; why and what to do? In-Reply-To: <73019.1358646215@tristatelogic.com> Message-ID: Receiving suspected stock fraud solicitation from 83.149.41.69, I query on the RIPE handle AD4211-RIPE and receive no useful data. Why and what to do? Jeffrey Race Cambridge Electronics Laboratories Checking server [whois.ripe.net] Results: % This is the RIPE Database query service. % The objects are in RPSL format. % % The RIPE Database is subject to Terms and Conditions. % See http://www.ripe.net/db/support/db-terms-conditions.pdf % Note: this output has been filtered. % To receive output for a database update, use the "-B" flag. % Information related to 'AD4211-RIPE' person: Alexander Deulin address: Russian Federation address: N.Novgorod, 603000 address: Nartova 6 phone: +7 831 4130000 nic-hdl: AD4211-RIPE mnt-by: MF-CENTER-MNT source: RIPE # Filtered % This query was served by the RIPE Database Query Service version 1.51.1 (WHOIS4) From wiegert at telus.net Sat Feb 2 19:07:07 2013 From: wiegert at telus.net (Arnold) Date: Sat, 02 Feb 2013 10:07:07 -0800 Subject: [anti-abuse-wg] No e-mail contact in RIPE d/b; why and what to do? In-Reply-To: <20130202165249.TNSN4561.priv-edtnes24.telusplanet.net@edtncm03> References: <20130202165249.TNSN4561.priv-edtnes24.telusplanet.net@edtncm03> Message-ID: <510D55CB.8020505@telus.net> On 02/02/2013 8:51 AM, Jeffrey Race wrote: > Receiving suspected stock fraud solicitation > from 83.149.41.69, > I query on the RIPE handle AD4211-RIPE > and receive no useful data. > > Why and what to do? Search on the ripe query page http://apps.db.ripe.net/search/query.html perhaps you will have better luck Arnold > > Jeffrey Race > Cambridge Electronics Laboratories > > > > Checking server [whois.ripe.net] > Results: > % This is the RIPE Database query service. > % The objects are in RPSL format. > % > % The RIPE Database is subject to Terms and Conditions. > % See http://www.ripe.net/db/support/db-terms-conditions.pdf > > % Note: this output has been filtered. > % To receive output for a database update, use the "-B" flag. > > % Information related to 'AD4211-RIPE' > > person: Alexander Deulin > address: Russian Federation > address: N.Novgorod, 603000 > address: Nartova 6 > phone: +7 831 4130000 > nic-hdl: AD4211-RIPE > mnt-by: MF-CENTER-MNT > source: RIPE # Filtered > > % This query was served by the RIPE Database Query Service version 1.51.1 (WHOIS4) > > > > > > -- Fight Spam - report it with wxSR 0.5 - ready for Vista & Win7 http://www.columbinehoney.net/wxSR.shtml From rezaf at mindspring.com Sat Feb 2 21:44:15 2013 From: rezaf at mindspring.com (Reza Farzan) Date: Sat, 2 Feb 2013 15:44:15 -0500 Subject: [anti-abuse-wg] No e-mail contact in RIPE d/b; why and what to do? In-Reply-To: <510D55CB.8020505@telus.net> References: <20130202165249.TNSN4561.priv-edtnes24.telusplanet.net@edtncm03> <510D55CB.8020505@telus.net> Message-ID: <0C945BB813BE4240A167015FA09A2E57@admin36565265a> Hi Arnold, This IP block [83.149.40.0 - 83.149.42.63] has been assigned to Center Branch of OJSC MegaFon, Infrastructure. Try sending you complaint to noc at megafoncenter.ru, and Alexander Deulin at Aleksandr.Deulin at megafoncenter.ru. They should be able to assist you better and more. Thank you, Reza Farzan ************** -----Original Message----- From: anti-abuse-wg-bounces at ripe.net [mailto:anti-abuse-wg-bounces at ripe.net] On Behalf Of Arnold Sent: Saturday, February 02, 2013 1:07 PM To: anti-abuse-wg at ripe.net Subject: Re: [anti-abuse-wg] No e-mail contact in RIPE d/b; why and what to do? On 02/02/2013 8:51 AM, Jeffrey Race wrote: > Receiving suspected stock fraud solicitation > from 83.149.41.69, > I query on the RIPE handle AD4211-RIPE > and receive no useful data. > > Why and what to do? Search on the ripe query page http://apps.db.ripe.net/search/query.html perhaps you will have better luck Arnold > > Jeffrey Race > Cambridge Electronics Laboratories > > > > Checking server [whois.ripe.net] > Results: > % This is the RIPE Database query service. > % The objects are in RPSL format. > % > % The RIPE Database is subject to Terms and Conditions. > % See http://www.ripe.net/db/support/db-terms-conditions.pdf > > % Note: this output has been filtered. > % To receive output for a database update, use the "-B" flag. > > % Information related to 'AD4211-RIPE' > > person: Alexander Deulin > address: Russian Federation > address: N.Novgorod, 603000 > address: Nartova 6 > phone: +7 831 4130000 > nic-hdl: AD4211-RIPE > mnt-by: MF-CENTER-MNT > source: RIPE # Filtered > > % This query was served by the RIPE Database Query Service version 1.51.1 (WHOIS4) > > > > > > -- Fight Spam - report it with wxSR 0.5 - ready for Vista & Win7 http://www.columbinehoney.net/wxSR.shtml From rezaf at mindspring.com Sun Feb 3 04:35:21 2013 From: rezaf at mindspring.com (Reza Farzan) Date: Sat, 2 Feb 2013 22:35:21 -0500 Subject: [anti-abuse-wg] No e-mail contact in RIPE d/b; why and what to do? In-Reply-To: <201302021153.1u1Gl35WK3Nl3pw0@timothy.mail.atl.earthlink.net> References: <73019.1358646215@tristatelogic.com> <201302021153.1u1Gl35WK3Nl3pw0@timothy.mail.atl.earthlink.net> Message-ID: <4F38846A3F7B49E9A339A443934CD4C3@admin36565265a> Hello Jeffrey, This IP block [83.149.40.0 - 83.149.42.63] has been assigned to Center Branch of OJSC MegaFon, Infrastructure. Try sending you complaint to noc at megafoncenter.ru, and Alexander Deulin at Aleksandr.Deulin at megafoncenter.ru. They should be able to assist you better and more. Thank you, Reza Farzan ************** -----Original Message----- From: anti-abuse-wg-bounces at ripe.net [mailto:anti-abuse-wg-bounces at ripe.net] On Behalf Of Jeffrey Race Sent: Saturday, February 02, 2013 11:52 AM To: anti-abuse-wg at ripe.net Subject: [anti-abuse-wg] No e-mail contact in RIPE d/b; why and what to do? Receiving suspected stock fraud solicitation from 83.149.41.69, I query on the RIPE handle AD4211-RIPE and receive no useful data. Why and what to do? Jeffrey Race Cambridge Electronics Laboratories Checking server [whois.ripe.net] Results: % This is the RIPE Database query service. % The objects are in RPSL format. % % The RIPE Database is subject to Terms and Conditions. % See http://www.ripe.net/db/support/db-terms-conditions.pdf % Note: this output has been filtered. % To receive output for a database update, use the "-B" flag. % Information related to 'AD4211-RIPE' person: Alexander Deulin address: Russian Federation address: N.Novgorod, 603000 address: Nartova 6 phone: +7 831 4130000 nic-hdl: AD4211-RIPE mnt-by: MF-CENTER-MNT source: RIPE # Filtered % This query was served by the RIPE Database Query Service version 1.51.1 (WHOIS4) From rfg at tristatelogic.com Sun Feb 3 21:41:06 2013 From: rfg at tristatelogic.com (Ronald F. Guilmette) Date: Sun, 03 Feb 2013 12:41:06 -0800 Subject: [anti-abuse-wg] Allocation of number resources Message-ID: <57973.1359924066@tristatelogic.com> Assume for the moment that there exists a provider, within the RIPE region, that has been allocated a sizeable IPv4 block. Let's say a /17, just for the sake of argument. Assume that this allocation was made to the provider, by RIPE NCC, some long time ago... Let's say early 2011. I would like to know the following things. If someone can answer these questions, please do: (1) What would have been the requirements, at that time (early 2011) that the provider would have had to meet in order to be allocated the /17 in question by RIPE NCC staff? (In the ARIN region, for IPv4 allocations there has been for some time various requirements in place that say that the provider being issued the address block must have some certain amount of hardware infrastructure in place in order to qualify for the allocation. Does RIPE have any similar rules? If so, then what are the rules, when did they go into effect, and what exactly does RIPE NCC staff do in order to actually enforce those rules, i.e. _prior_ to awarding an allocation to a given provider?) (2) If there are indeed requirements along the lines above, then are those requirements only in effect during and at the time of the initial allocation? Or is the provider who has been awarded an alloction either asked or required to maintain some certain amount of hardware infra- structure corresponding to the IPv4 address block allocation that it was awarded? (3) If there are indeed ``maintenance'' requirements along the lines in (2) above, then has there ever been a single publically documented instance in which a provider's failure to maintain the minimum required hardware infrastructure dedicated to some given IP address block allocation has caused the RIPE NCC to actually revoke the address block allocation in question? Regards, rfg From brian.nisbet at heanet.ie Tue Feb 5 17:20:08 2013 From: brian.nisbet at heanet.ie (Brian Nisbet) Date: Tue, 05 Feb 2013 16:20:08 +0000 Subject: [anti-abuse-wg] Call For Agenda Items, RIPE 66 Message-ID: <51113138.2070703@heanet.ie> Colleagues, It's that time again, with the 66th RIPE meeting creeping slowly into view! This meeting will be taking place in my home town of Dublin from the 13th - 17th May 2013 and all the details can be found at http://ripe66.ripe.net As always Tobias and I are hoping the Anti-Abuse WG session will be full of interesting presentations and discussions. If you have anything you would like to present at the meeting, please email us at aa-wg-chairs at ripe.net Thanks, Brian From alexlh at ripe.net Wed Feb 6 15:51:09 2013 From: alexlh at ripe.net (Alex Le Heux) Date: Wed, 6 Feb 2013 15:51:09 +0100 Subject: [anti-abuse-wg] Allocation of number resources In-Reply-To: <57973.1359924066@tristatelogic.com> References: <57973.1359924066@tristatelogic.com> Message-ID: <0C2184CC-2791-48C2-894C-C13E620BFE73@ripe.net> Dear Ronald, > (1) What would have been the requirements, at that time (early 2011) > that the provider would have had to meet in order to be allocated the > /17 in question by RIPE NCC staff? (In the ARIN region, for IPv4 > allocations there has been for some time various requirements in place > that say that the provider being issued the address block must have > some certain amount of hardware infrastructure in place in order to > qualify for the allocation. Does RIPE have any similar rules? If > so, then what are the rules, when did they go into effect, and what > exactly does RIPE NCC staff do in order to actually enforce those > rules, i.e. _prior_ to awarding an allocation to a given provider?) The RIPE Community's policies generally do not contain highly specific requirements such as minimum amounts of hardware and direct the RIPE NCC to allocate address space to LIRs at the rate that the addresses are assigned and/or sub-allocated to end-users by that LIR. In early 2011 a new LIR would receive as a first allocation the minimum allocation size, a /21, unless the LIR could demonstrate a need for a larger block. Such a need could be demonstrated in various ways, with proof of purchase of the right amount of hardware to deploy these addresses on being an obvious and often used one. Other ways to demonstrate a need include operating licenses granted by governments, contracts with providers, customers and/or partners and detailed deployment plans. Subsequent allocations are evaluated in a large part on the usage rate of previous allocations. Should an LIR have requested a much larger size additional allocation than their previous usage rate would indicate, additional documentation of their need would be requested. Today the RIPE NCC operates under the Last-/8 Policy, so we can only allocate a single /22 to each LIR, regardless of what size the LIR can justify. > (2) If there are indeed requirements along the lines above, then are > those requirements only in effect during and at the time of the initial > allocation? Or is the provider who has been awarded an allocation either > asked or required to maintain some certain amount of hardware infra- > structure corresponding to the IPv4 address block allocation that it was > awarded? An allocation to an LIR is a block that is reserved for future use of that LIR, its size based on past usage rate and/or specified future plans. Most LIR's businesses, however, are dynamic: Customers come and go, projects change, get cancelled and new projects get started. The RIPE policies take this into account and there is no requirement to keep some arbitrary minimum amount of hardware infrastructure. That said, when an LIR requests an additional allocation or when it is selected for a random audit, we verify the usage and validity of the existing assignments in the LIR's allocation(s). > (3) If there are indeed ``maintenance'' requirements along the lines > in (2) above, then has there ever been a single publically documented > instance in which a provider's failure to maintain the minimum required > hardware infrastructure dedicated to some given IP address block allocation > has caused the RIPE NCC to actually revoke the address block allocation > in question? There are no 'maintenance' requirements as such in the RIPE NCC service region and these can therefore not be grounds for de-registering an allocation to an LIR. I hope this answers your questions. If you have any others, please do not hesitate to ask. Best regards, Alex Le Heux Policy Implementation and Co-ordination RIPE NCC From sony.claims at antipirates-in.com Wed Feb 6 21:42:02 2013 From: sony.claims at antipirates-in.com (Sony Music) Date: Thu, 7 Feb 2013 02:12:02 +0530 Subject: [anti-abuse-wg] Copyright Infringement (Abuse / Notice) Message-ID: Hello Team RIPE, > This is to inform you that we had been continuously in touch with voxility who are into hosting providing for domains, their user / clients had been violating the Copyrights term for below details and provided links. > > we had been following up with voxility on mails / phone, but no resolution / action had been provided yet, attached proof of contact via mail. > > We Request you look closely into this matter and advise on same to go a head with legal procedure to Sue / pay damages from Voxility or Minimum to block below websites. i.e.., (mp3khan.net ) (url2.bollywoodmp3.se). > > We are also in touch with Binero regards same but no action been provided from their end too. > > > Hoping for positive response on same. (ORDA / Binero or Voxility) > > > Warm Regards, > SONY MUSIC > > > > > > > From: > > > Company Name : Sony Music Entertainment India P.Ltd. > Behalf Claimer / Name : Zubair Ali > Designation : Content Executive > Address : 92, Main Avenue, Above Tommy Hilfiger Showroom, > Santacruz West, Mumbai ? 400054, Maharastra, INDIA. > Contact : 0091-22-67069000 > Web : http://www.sonymusic.com/ > > > SUB: Legal Cease, Desist Notice, Dutch Notice and Takedown Code of Conduct. > > > > This is the legal department of (Sony Music Entertainment India P.Ltd ). We have come to identify that your website / user is illegally duplicating and reproducing copyrighted material / File / Files . > > Stop duplicating the content and remove all infringing pages immediately. If you do not abide to this in the next 24 hours of this mail receipt, we will have to carry out legal proceedings against you. We will also release DMCA complaints as per Section 512 with all major search engines, hosting provider and your Ad partners. So your site will be banned permanently from the SE database and dropped from hosting. You will also be reported to all online crime control centers including the powerful internationally functional ic3.gov. > > DETAILS OF WORK: > > Movie Name : Murder 3 > Release Year : 2013 > Production : Sony Music Entertainment India P.Ltd > > Tracks: > 1) Teri Jhuki Nazar > 2) Mat Aazma Re > 3) Jaata hai tujh tak > 4) Hum Jee Lenge > 5) Hum Jee Lenge Rock Version > 6) Teri Jhuki Nazar Film Version > 7) Jaata Hai Tujh Tak Film Version > > > online location for which is : > > > http://mp3khan.net/murder_3_2013_mp3_movie_songs_download.html > http://mp3khan.net/music/indian_movies/Murder%203%20%282013%29/01%20-%20Murder%203%20-%20Teri%20Jhuki%20Nazar%20%5BMP3Khan%5D.mp3 > http://mp3khan.net/music/320/indian_movies/Murder%203%20%282013%29/01%20-%20Murder%203%20-%20Teri%20Jhuki%20Nazar%20%5BMP3Khan%5D.mp3 > http://mp3khan.net/music/indian_movies/Murder%203%20%282013%29/02%20-%20Murder%203%20-%20Mat%20Aazma%20Re%20%5BMP3Khan%5D.mp3 > http://mp3khan.net/music/320/indian_movies/Murder%203%20%282013%29/02%20-%20Murder%203%20-%20Mat%20Aazma%20Re%20%5BMP3Khan%5D.mp3 > http://mp3khan.net/music/indian_movies/Murder%203%20%282013%29/03%20-%20Murder%203%20-%20Jaata%20Hai%20Tujh%20Tak%20%5BMP3Khan%5D.mp3 > http://mp3khan.net/music/320/indian_movies/Murder%203%20%282013%29/03%20-%20Murder%203%20-%20Jaata%20Hai%20Tujh%20Tak%20%5BMP3Khan%5D.mp3 > http://mp3khan.net/music/indian_movies/Murder%203%20%282013%29/04%20-%20Murder%203%20-%20Hum%20Jee%20Lenge%20%5BMP3Khan%5D.mp3 > http://mp3khan.net/music/320/indian_movies/Murder%203%20%282013%29/04%20-%20Murder%203%20-%20Hum%20Jee%20Lenge%20%5BMP3Khan%5D.mp3 > http://mp3khan.net/music/indian_movies/Murder%203%20%282013%29/05%20-%20Murder%203%20-%20Teri%20Jhuki%20Nazar%20%28Film%20Version%29%20%5BMP3Khan%5D.mp3 > http://mp3khan.net/music/320/indian_movies/Murder%203%20%282013%29/05%20-%20Murder%203%20-%20Teri%20Jhuki%20Nazar%20%28Film%20Version%29%20%5BMP3Khan%5D.mp3 > http://mp3khan.net/music/indian_movies/Murder%203%20%282013%29/06%20-%20Murder%203%20-%20Jaata%20Hai%20Tujh%20Tak%20%28Film%20Version%29%20%5BMP3Khan%5D.mp3 > http://mp3khan.net/music/320/indian_movies/Murder%203%20%282013%29/06%20-%20Murder%203%20-%20Jaata%20Hai%20Tujh%20Tak%20%28Film%20Version%29%20%5BMP3Khan%5D.mp3 > http://mp3khan.net/music/indian_movies/Murder%203%20%282013%29/07%20-%20Murder%203%20-%20Hum%20Jee%20Lenge%20%28Rock%20Version%29%20%5BMP3Khan%5D.mp3 > http://mp3khan.net/music/320/indian_movies/Murder%203%20%282013%29/07%20-%20Murder%203%20-%20Hum%20Jee%20Lenge%20%28Rock%20Version%29%20%5BMP3Khan%5D.mp3 > mp3khan.net/music/Zip/Murder%203%20(2013)%20~190Kbps%20(VBR)%20%5BMP3Khan%5D.zip > mp3khan.net/music/Zip/Murder%203%20%5B2013-MP3-VBR-320Kbps%5D%20-%20%5BMP3Khan%5D.zip > > > > > http://url2.bollywoodmp3.se/murder_3_2013_mp3_songs.php > http://url2.bollywoodmp3.se/murder3/%5BSongs.PK%5D%20Murder%203%20-%2001%20-%20Teri%20Jhuki%20Nazar.mp3 > http://url2.bollywoodmp3.se/murder3/%5BSongs.PK%5D%20Murder%203%20-%2002%20-%20Mat%20Aazma%20Re.mp3 > http://url2.bollywoodmp3.se/murder3/%5BSongs.PK%5D%20Murder%203%20-%2003%20-%20Jaata%20Hai%20Tujh%20Tak.mp3 > http://url2.bollywoodmp3.se/murder3/%5BSongs.PK%5D%20Murder%203%20-%2004%20-%20Hum%20Jee%20Lenge.mp3 > http://url2.bollywoodmp3.se/murder3/%5BSongs.PK%5D%20Murder%203%20-%2005%20-%20Teri%20Jhuki%20Nazar%20%28Film%20Version%29.mp3 > http://url2.bollywoodmp3.se/murder3/%5BSongs.PK%5D%20Murder%203%20-%2006%20-%20Jaata%20Hai%20Tujh%20Tak%20%28Film%20Version%29.mp3 > http://url2.bollywoodmp3.se/murder3/%5BSongs.PK%5D%20Murder%203%20-%2007%20-%20Hum%20Jee%20Lenge%20%28Rock%20Version%29.mp3 > url2.bollywoodmp3.se/Murder-3-128Kbps-2013(Songs.PK).zip > url2.bollywoodmp3.se/Murder-3-320Kbps-2013(Songs.PK).zip > > All content and images is copyrighted by US laws and any kind of duplication or reproduction is illegal. > > > We want you to stop this infringement immediately or else get ready to be sued for damages (as applicable). > > > " I believe in good faith that the disputed use is not authorized by the copyright or intellectual property owner, its agent, or the law. I further declare, under penalty of perjury, that the above information in my notice is accurate and that I am the copyright or intellectual property owner or authorized to act on the copyright or intellectual property owner's behalf. " > > > > > > For, > SONY MUSIC ------------------------ Powered by BigRock.com -------------- next part -------------- An HTML attachment was scrubbed... URL: From sony.claims at antipirates-in.com Wed Feb 6 21:41:26 2013 From: sony.claims at antipirates-in.com (Sony Music) Date: Thu, 7 Feb 2013 02:11:26 +0530 Subject: [anti-abuse-wg] Copyright Infringement (Abuse / Notice) Message-ID: <90138F56-1E84-41E3-A55C-9A6BB9A0E7B7@antipirates-in.com> > This is to inform you that we had been continuously in touch with voxility who are into hosting providing for domains, their user / clients had been violating the Copyrights term for below details and provided links. > > we had been following up with voxility on mails / phone, but no resolution / action had been provided yet, attached proof of contact via mail. > > We Request you look closely into this matter and advise on same to go a head with legal procedure to Sue / pay damages from Voxility or Minimum to block below websites. i.e.., (mp3khan.net ) (url2.bollywoodmp3.se). > > We are also in touch with Binero regards same but no action been provided from their end too. > > > Hoping for positive response on same. (ORDA / Binero or Voxility) > > > Warm Regards, > SONY MUSIC > > > > > > > From: > > > Company Name : Sony Music Entertainment India P.Ltd. > Behalf Claimer / Name : Zubair Ali > Designation : Content Executive > Address : 92, Main Avenue, Above Tommy Hilfiger Showroom, > Santacruz West, Mumbai ? 400054, Maharastra, INDIA. > Contact : 0091-22-67069000 > Web : http://www.sonymusic.com/ > > > SUB: Legal Cease, Desist Notice, Dutch Notice and Takedown Code of Conduct. > > > > This is the legal department of (Sony Music Entertainment India P.Ltd ). We have come to identify that your website / user is illegally duplicating and reproducing copyrighted material / File / Files . > > Stop duplicating the content and remove all infringing pages immediately. If you do not abide to this in the next 24 hours of this mail receipt, we will have to carry out legal proceedings against you. We will also release DMCA complaints as per Section 512 with all major search engines, hosting provider and your Ad partners. So your site will be banned permanently from the SE database and dropped from hosting. You will also be reported to all online crime control centers including the powerful internationally functional ic3.gov. > > DETAILS OF WORK: > > Movie Name : Murder 3 > Release Year : 2013 > Production : Sony Music Entertainment India P.Ltd > > Tracks: > 1) Teri Jhuki Nazar > 2) Mat Aazma Re > 3) Jaata hai tujh tak > 4) Hum Jee Lenge > 5) Hum Jee Lenge Rock Version > 6) Teri Jhuki Nazar Film Version > 7) Jaata Hai Tujh Tak Film Version > > > online location for which is : > > > http://mp3khan.net/murder_3_2013_mp3_movie_songs_download.html > http://mp3khan.net/music/indian_movies/Murder%203%20%282013%29/01%20-%20Murder%203%20-%20Teri%20Jhuki%20Nazar%20%5BMP3Khan%5D.mp3 > http://mp3khan.net/music/320/indian_movies/Murder%203%20%282013%29/01%20-%20Murder%203%20-%20Teri%20Jhuki%20Nazar%20%5BMP3Khan%5D.mp3 > http://mp3khan.net/music/indian_movies/Murder%203%20%282013%29/02%20-%20Murder%203%20-%20Mat%20Aazma%20Re%20%5BMP3Khan%5D.mp3 > http://mp3khan.net/music/320/indian_movies/Murder%203%20%282013%29/02%20-%20Murder%203%20-%20Mat%20Aazma%20Re%20%5BMP3Khan%5D.mp3 > http://mp3khan.net/music/indian_movies/Murder%203%20%282013%29/03%20-%20Murder%203%20-%20Jaata%20Hai%20Tujh%20Tak%20%5BMP3Khan%5D.mp3 > http://mp3khan.net/music/320/indian_movies/Murder%203%20%282013%29/03%20-%20Murder%203%20-%20Jaata%20Hai%20Tujh%20Tak%20%5BMP3Khan%5D.mp3 > http://mp3khan.net/music/indian_movies/Murder%203%20%282013%29/04%20-%20Murder%203%20-%20Hum%20Jee%20Lenge%20%5BMP3Khan%5D.mp3 > http://mp3khan.net/music/320/indian_movies/Murder%203%20%282013%29/04%20-%20Murder%203%20-%20Hum%20Jee%20Lenge%20%5BMP3Khan%5D.mp3 > http://mp3khan.net/music/indian_movies/Murder%203%20%282013%29/05%20-%20Murder%203%20-%20Teri%20Jhuki%20Nazar%20%28Film%20Version%29%20%5BMP3Khan%5D.mp3 > http://mp3khan.net/music/320/indian_movies/Murder%203%20%282013%29/05%20-%20Murder%203%20-%20Teri%20Jhuki%20Nazar%20%28Film%20Version%29%20%5BMP3Khan%5D.mp3 > http://mp3khan.net/music/indian_movies/Murder%203%20%282013%29/06%20-%20Murder%203%20-%20Jaata%20Hai%20Tujh%20Tak%20%28Film%20Version%29%20%5BMP3Khan%5D.mp3 > http://mp3khan.net/music/320/indian_movies/Murder%203%20%282013%29/06%20-%20Murder%203%20-%20Jaata%20Hai%20Tujh%20Tak%20%28Film%20Version%29%20%5BMP3Khan%5D.mp3 > http://mp3khan.net/music/indian_movies/Murder%203%20%282013%29/07%20-%20Murder%203%20-%20Hum%20Jee%20Lenge%20%28Rock%20Version%29%20%5BMP3Khan%5D.mp3 > http://mp3khan.net/music/320/indian_movies/Murder%203%20%282013%29/07%20-%20Murder%203%20-%20Hum%20Jee%20Lenge%20%28Rock%20Version%29%20%5BMP3Khan%5D.mp3 > mp3khan.net/music/Zip/Murder%203%20(2013)%20~190Kbps%20(VBR)%20%5BMP3Khan%5D.zip > mp3khan.net/music/Zip/Murder%203%20%5B2013-MP3-VBR-320Kbps%5D%20-%20%5BMP3Khan%5D.zip > > > > > http://url2.bollywoodmp3.se/murder_3_2013_mp3_songs.php > http://url2.bollywoodmp3.se/murder3/%5BSongs.PK%5D%20Murder%203%20-%2001%20-%20Teri%20Jhuki%20Nazar.mp3 > http://url2.bollywoodmp3.se/murder3/%5BSongs.PK%5D%20Murder%203%20-%2002%20-%20Mat%20Aazma%20Re.mp3 > http://url2.bollywoodmp3.se/murder3/%5BSongs.PK%5D%20Murder%203%20-%2003%20-%20Jaata%20Hai%20Tujh%20Tak.mp3 > http://url2.bollywoodmp3.se/murder3/%5BSongs.PK%5D%20Murder%203%20-%2004%20-%20Hum%20Jee%20Lenge.mp3 > http://url2.bollywoodmp3.se/murder3/%5BSongs.PK%5D%20Murder%203%20-%2005%20-%20Teri%20Jhuki%20Nazar%20%28Film%20Version%29.mp3 > http://url2.bollywoodmp3.se/murder3/%5BSongs.PK%5D%20Murder%203%20-%2006%20-%20Jaata%20Hai%20Tujh%20Tak%20%28Film%20Version%29.mp3 > http://url2.bollywoodmp3.se/murder3/%5BSongs.PK%5D%20Murder%203%20-%2007%20-%20Hum%20Jee%20Lenge%20%28Rock%20Version%29.mp3 > url2.bollywoodmp3.se/Murder-3-128Kbps-2013(Songs.PK).zip > url2.bollywoodmp3.se/Murder-3-320Kbps-2013(Songs.PK).zip > > All content and images is copyrighted by US laws and any kind of duplication or reproduction is illegal. > > > We want you to stop this infringement immediately or else get ready to be sued for damages (as applicable). > > > " I believe in good faith that the disputed use is not authorized by the copyright or intellectual property owner, its agent, or the law. I further declare, under penalty of perjury, that the above information in my notice is accurate and that I am the copyright or intellectual property owner or authorized to act on the copyright or intellectual property owner's behalf. " > > > > > > For, > SONY MUSIC ------------------------ Powered by BigRock.com -------------- next part -------------- An HTML attachment was scrubbed... URL: From wayne at therobertsfamily.eu Wed Feb 6 21:47:03 2013 From: wayne at therobertsfamily.eu (Wayne Roberts) Date: Wed, 6 Feb 2013 20:47:03 +0000 Subject: [anti-abuse-wg] Copyright Infringement Message-ID: Sorry to complain but drop the html formatted email's they look a complete mess. Do this and you might get our attention -- - Wayne Roberts -------------- next part -------------- An HTML attachment was scrubbed... URL: From sony.claims at antipirates-in.com Wed Feb 6 21:57:21 2013 From: sony.claims at antipirates-in.com (Sony Music) Date: Thu, 7 Feb 2013 02:27:21 +0530 Subject: [anti-abuse-wg] Copyright Infringement In-Reply-To: References: Message-ID: <2F6D8515-CD83-4A59-9F2D-8C1ABB7656E7@antipirates-in.com> Attached the mail format. Hope this will work. ------------------------ Powered by BigRock.com -------------- next part -------------- A non-text attachment was scrubbed... Name: Copyright Infringement (Abuse _ Notice) Type: application/octet-stream Size: 42525 bytes Desc: not available URL: -------------- next part -------------- On 07-Feb-2013, at 2:17 AM, Wayne Roberts wrote: > Sorry to complain but drop the html formatted email's they look a complete mess. > Do this and you might get our attention > > -- > - > Wayne Roberts > From kjz at gmx.net Wed Feb 6 22:03:17 2013 From: kjz at gmx.net (Karl-Josef Ziegler) Date: Wed, 06 Feb 2013 22:03:17 +0100 Subject: [anti-abuse-wg] Voxility Message-ID: <5112C515.8060205@gmx.net> Hello! Simply look at: http://www.spamhaus.org/sbl/listings/voxility.com and you may know the 'hat colour'. Another ISP where RIPE NCC should take action. Best regards, - Karl-Josef Ziegler From wayne at therobertsfamily.eu Wed Feb 6 22:06:41 2013 From: wayne at therobertsfamily.eu (Wayne Roberts) Date: Wed, 6 Feb 2013 21:06:41 +0000 Subject: [anti-abuse-wg] Sony Copyright Infringement Message-ID: Sorry but what type of document did you attach (.doc, .pdf) it seems to have lost it's extension -- - Wayne Roberts -------------- next part -------------- An HTML attachment was scrubbed... URL: From sony.claims at antipirates-in.com Wed Feb 6 22:07:46 2013 From: sony.claims at antipirates-in.com (Sony Music) Date: Thu, 7 Feb 2013 02:37:46 +0530 Subject: [anti-abuse-wg] Voxility In-Reply-To: <5112C515.8060205@gmx.net> References: <5112C515.8060205@gmx.net> Message-ID: Hi Karl, can you be more specific? Warm Regards, Zubair. On 07-Feb-2013, at 2:33 AM, Karl-Josef Ziegler wrote: > Hello! > > Simply look at: > > http://www.spamhaus.org/sbl/listings/voxility.com > > and you may know the 'hat colour'. > > Another ISP where RIPE NCC should take action. > > Best regards, > > - Karl-Josef Ziegler > ------------------------ Powered by BigRock.com From brian.nisbet at heanet.ie Wed Feb 6 22:08:36 2013 From: brian.nisbet at heanet.ie (Brian Nisbet) Date: Wed, 06 Feb 2013 21:08:36 +0000 Subject: [anti-abuse-wg] Copyright Infringement (Abuse / Notice) In-Reply-To: References: Message-ID: <5112C654.9030802@heanet.ie> Hi, This really isn't the right place to report this kind of activity. Alleged copyright infringement is nothing to do with this working group and so we cannot help you. I suggest you continue to try to contact Voxility, their upstream and/or any relevant local law enforcement, should what you're reporting be illegal in their jurisdiction. Regards, Brian, Co-Chair, RIPE Anti-Abuse WG On 06/02/2013 20:42, Sony Music wrote: > Hello Team RIPE, > >> /This is to inform you that we had been continuously in touch with >> *voxility *who are into hosting providing for domains, their user / >> clients had been violating the Copyrights term for below details and >> provided links./ >> /we had been following up with *voxility *on mails / phone, but no >> resolution / action had been provided yet, attached proof of contact >> via mail./ >> /We Request you look closely into this matter and advise on same to go >> a head with legal procedure to Sue / pay damages from Voxility or >> Minimum to block below websites. i.e.., (/mp3khan.net >> ) >> (url2.bollywoodmp3.se >> ). >> We are also in touch with Binero regards same but no action been >> provided from their end too. >> Hoping for positive response on same. (ORDA / Binero or Voxility) >> Warm Regards, >> SONY MUSIC >> */From:/*// >> /Company Name : Sony Music >> Entertainment India P.Ltd./ >> /Behalf Claimer / Name : Zubair Ali/ >> /Designation : Content >> Executive/ >> /Address : 92, >> Main Avenue, Above Tommy Hilfiger Showroom,/ >> / >> Santacruz West, Mumbai ? 400054, Maharastra, INDIA./ >> /Contact : >> 0091-22-67069000 / >> /Web : >> http://www.sonymusic.com// >> // >> *//* >> */SUB:/*/ Legal Cease, Desist Notice, Dutch Notice and Takedown Code >> of Conduct./ >> /This is the legal department of (/*/Sony Music Entertainment India >> P.Ltd /*/). We have come to identify that your website / user is >> illegally duplicating and reproducing copyrighted material / File / >> Files . / >> / >> Stop duplicating the content and remove all infringing pages >> immediately. If you do not abide to this in the next 24 hours of this >> mail receipt, we will have to carry out legal proceedings against you. >> We will also release *DMCA complaints* as per *Section 512* with all >> major search *engines,* *hosting* *provider* and your *Ad partners*. >> So your site will be banned permanently from the *SE database* and >> *dropped from hosting*. You will also be reported to all online crime >> control centers including the powerful internationally functional >> *ic3.gov *. >> >> *_DETAILS OF WORK:_*/ >> */Movie Name : /**/Murder 3/* >> */Release Year : 2013/* >> */Production : Sony Music Entertainment India P.Ltd/* >> */_Tracks:_/* >> */1) Teri Jhuki Nazar/* >> */2) Mat Aazma Re/* >> */3) /**/Jaata hai tujh tak/* >> */4) /**/Hum Jee Lenge/* >> */5) /**/Hum Jee Lenge Rock Version/* >> */6) Teri Jhuki Nazar Film Version/* >> */7) Jaata Hai Tujh Tak Film Version/* >> / online location for which is :/ >> >> http://mp3khan.net/murder_3_2013_mp3_movie_songs_download.html >> http://mp3khan.net/music/indian_movies/Murder%203%20%282013%29/01%20-%20Murder%203%20-%20Teri%20Jhuki%20Nazar%20%5BMP3Khan%5D.mp3 >> http://mp3khan.net/music/320/indian_movies/Murder%203%20%282013%29/01%20-%20Murder%203%20-%20Teri%20Jhuki%20Nazar%20%5BMP3Khan%5D.mp3 >> http://mp3khan.net/music/indian_movies/Murder%203%20%282013%29/02%20-%20Murder%203%20-%20Mat%20Aazma%20Re%20%5BMP3Khan%5D.mp3 >> http://mp3khan.net/music/320/indian_movies/Murder%203%20%282013%29/02%20-%20Murder%203%20-%20Mat%20Aazma%20Re%20%5BMP3Khan%5D.mp3 >> http://mp3khan.net/music/indian_movies/Murder%203%20%282013%29/03%20-%20Murder%203%20-%20Jaata%20Hai%20Tujh%20Tak%20%5BMP3Khan%5D.mp3 >> http://mp3khan.net/music/320/indian_movies/Murder%203%20%282013%29/03%20-%20Murder%203%20-%20Jaata%20Hai%20Tujh%20Tak%20%5BMP3Khan%5D.mp3 >> http://mp3khan.net/music/indian_movies/Murder%203%20%282013%29/04%20-%20Murder%203%20-%20Hum%20Jee%20Lenge%20%5BMP3Khan%5D.mp3 >> http://mp3khan.net/music/320/indian_movies/Murder%203%20%282013%29/04%20-%20Murder%203%20-%20Hum%20Jee%20Lenge%20%5BMP3Khan%5D.mp3 >> http://mp3khan.net/music/indian_movies/Murder%203%20%282013%29/05%20-%20Murder%203%20-%20Teri%20Jhuki%20Nazar%20%28Film%20Version%29%20%5BMP3Khan%5D.mp3 >> http://mp3khan.net/music/320/indian_movies/Murder%203%20%282013%29/05%20-%20Murder%203%20-%20Teri%20Jhuki%20Nazar%20%28Film%20Version%29%20%5BMP3Khan%5D.mp3 >> http://mp3khan.net/music/indian_movies/Murder%203%20%282013%29/06%20-%20Murder%203%20-%20Jaata%20Hai%20Tujh%20Tak%20%28Film%20Version%29%20%5BMP3Khan%5D.mp3 >> http://mp3khan.net/music/320/indian_movies/Murder%203%20%282013%29/06%20-%20Murder%203%20-%20Jaata%20Hai%20Tujh%20Tak%20%28Film%20Version%29%20%5BMP3Khan%5D.mp3 >> http://mp3khan.net/music/indian_movies/Murder%203%20%282013%29/07%20-%20Murder%203%20-%20Hum%20Jee%20Lenge%20%28Rock%20Version%29%20%5BMP3Khan%5D.mp3 >> http://mp3khan.net/music/320/indian_movies/Murder%203%20%282013%29/07%20-%20Murder%203%20-%20Hum%20Jee%20Lenge%20%28Rock%20Version%29%20%5BMP3Khan%5D.mp3 >> mp3khan.net/music/Zip/Murder%203%20 >> (2013)%20~190Kbps%20(VBR)%20%5BMP3Khan%5D.zip >> >> mp3khan.net/music/Zip/Murder%203%20%5B2013-MP3-VBR-320Kbps%5D%20-%20%5BMP3Khan%5D.zip >> >> >> >> http://url2.bollywoodmp3.se/murder_3_2013_mp3_songs.php >> http://url2.bollywoodmp3.se/murder3/%5BSongs.PK%5D%20Murder%203%20-%2001%20-%20Teri%20Jhuki%20Nazar.mp3 >> http://url2.bollywoodmp3.se/murder3/%5BSongs.PK%5D%20Murder%203%20-%2002%20-%20Mat%20Aazma%20Re.mp3 >> http://url2.bollywoodmp3.se/murder3/%5BSongs.PK%5D%20Murder%203%20-%2003%20-%20Jaata%20Hai%20Tujh%20Tak.mp3 >> http://url2.bollywoodmp3.se/murder3/%5BSongs.PK%5D%20Murder%203%20-%2004%20-%20Hum%20Jee%20Lenge.mp3 >> http://url2.bollywoodmp3.se/murder3/%5BSongs.PK%5D%20Murder%203%20-%2005%20-%20Teri%20Jhuki%20Nazar%20%28Film%20Version%29.mp3 >> http://url2.bollywoodmp3.se/murder3/%5BSongs.PK%5D%20Murder%203%20-%2006%20-%20Jaata%20Hai%20Tujh%20Tak%20%28Film%20Version%29.mp3 >> http://url2.bollywoodmp3.se/murder3/%5BSongs.PK%5D%20Murder%203%20-%2007%20-%20Hum%20Jee%20Lenge%20%28Rock%20Version%29.mp3 >> url2.bollywoodmp3.se/Murder-3-128Kbps-2013 >> (Songs.PK).zip >> url2.bollywoodmp3.se/Murder-3-320Kbps-2013 >> (Songs.PK).zip >> >> /All content and images is copyrighted by US laws and any kind of >> duplication or reproduction is illegal. >> >> / >> >> /We want you to stop this infringement immediately or else get ready >> to be sued for damages (as applicable)./ >> /" I believe in good faith that the disputed use is not authorized by >> the copyright or intellectual property owner, its agent, or the law. I >> further declare, under penalty of perjury, that the above information >> in my notice is accurate and that I am the copyright or intellectual >> property owner or authorized to act on the copyright or intellectual >> property owner's behalf. "/ >> >> / >> >> / >> >> /For, / >> > /SONY MUSIC/ > From wayne at therobertsfamily.eu Wed Feb 6 22:22:27 2013 From: wayne at therobertsfamily.eu (Wayne Roberts) Date: Wed, 6 Feb 2013 21:22:27 +0000 Subject: [anti-abuse-wg] Copyright Infringement (Abuse / Notice) Message-ID: Thanks Brian, I was trying to think of a polite way of telling them, to take their complaints somewhere else.. -- - Wayne Roberts -------------- next part -------------- An HTML attachment was scrubbed... URL: From rfg at tristatelogic.com Wed Feb 6 23:58:17 2013 From: rfg at tristatelogic.com (Ronald F. Guilmette) Date: Wed, 06 Feb 2013 14:58:17 -0800 Subject: [anti-abuse-wg] Copyright Infringement (Abuse / Notice) In-Reply-To: Message-ID: <93646.1360191497@tristatelogic.com> This must be some sort of a goofy joke. Somebody identifing himself as: Sony Music writing, allegedly, from a domain that was only created 5 months ago, and one whose only web site is "under construction", writes to the RIPE anti-abuse mailing list to complain about some alleged copyright infringement ?!? From rfg at tristatelogic.com Thu Feb 7 00:42:39 2013 From: rfg at tristatelogic.com (Ronald F. Guilmette) Date: Wed, 06 Feb 2013 15:42:39 -0800 Subject: [anti-abuse-wg] Allocation of number resources In-Reply-To: <0C2184CC-2791-48C2-894C-C13E620BFE73@ripe.net> Message-ID: <93978.1360194159@tristatelogic.com> In message <0C2184CC-2791-48C2-894C-C13E620BFE73 at ripe.net>, Alex Le Heux wrote: >The RIPE Community's policies generally do not contain highly specific >requirements such as minimum amounts of hardware and direct the RIPE NCC >to allocate address space to LIRs at the rate that the addresses are >assigned and/or sub-allocated to end-users by that LIR. > >In early 2011 a new LIR would receive as a first allocation the minimum >allocation size, a /21, unless the LIR could demonstrate a need for a >larger block. Such a need could be demonstrated in various ways, with >proof of purchase of the right amount of hardware to deploy these >addresses on being an obvious and often used one. Other ways to >demonstrate a need include operating licenses granted by governments, >contracts with providers, customers and/or partners and detailed >deployment plans. > >Subsequent allocations are evaluated in a large part on the usage rate >of previous allocations. Should an LIR have requested a much larger size >additional allocation than their previous usage rate would indicate, >additional documentation of their need would be requested. I appreciate you taking the time to write the above answer, however I'm afraid that it has left me a bit confused. On the one hand, you say that "RIPE Community's policies generally do not contain highly specific requirements" with respect to justifying allocations, but then you go on to describe various ways that an LIR might actually justify it's alleged need. >An allocation to an LIR is a block that is reserved for future use of >that LIR, its size based on past usage rate and/or specified future >plans. Most LIR's businesses, however, are dynamic: Customers come and >go, projects change, get cancelled and new projects get started. The >RIPE policies take this into account and there is no requirement to keep >some arbitrary minimum amount of hardware infrastructure. So let me see if I understand this. If a given LIR had a spare /17 lying around... which they may have, e.g. because they were allocated that /17 by RIPE NCC for a project or customer than never actually materalized... then there is no RIPE community policy which would in any way prevent that LIR from sub-assigning that entire /17 to some customer who had exactly and only one router and one server. Is that correct? >There are no 'maintenance' requirements as such in the RIPE NCC service >region and these can therefore not be grounds for de-registering an >allocation to an LIR. So in the scenario described above, if in fact the LIR assigned an entire /17 to a single customer, where that customer only had a grand total of one router and one server, there would be nothing whatsoever that RIPE NCC could or would do, in reaction, in order to prevent or reverse this kind of colossal waste of that large chunk of the rapidly depleating resource known as the IPv4 address space. Is that correct? Regards, rfg P.S. Sorry. One more question... I don't know how RIPE operates, but ARIN make every effort to do things entiirely and only "by the book", so to speak, where "the book" is ARIN's own published and publically available policy manual. I'd just like to know if RIPE has an equivalent sort of published Policy Manual, and if so, where I might find it. Thanks. From celexi at bytenix.net Thu Feb 7 01:31:50 2013 From: celexi at bytenix.net (Sara Borges) Date: Thu, 7 Feb 2013 00:31:50 +0000 Subject: [anti-abuse-wg] Copyright Infringement (Abuse / Notice) In-Reply-To: <93646.1360191497@tristatelogic.com> References: <93646.1360191497@tristatelogic.com> Message-ID: I had no idea Sony now outsourced DMCA take downs , but this take-down notice is kind of hilarious. I suppose quality control wasn't high on the list when choosing who to outsource to. On Wed, Feb 6, 2013 at 10:58 PM, Ronald F. Guilmette wrote: > > > This must be some sort of a goofy joke. > > Somebody identifing himself as: > > Sony Music > > writing, allegedly, from a domain that was only created 5 months ago, > and one whose only web site is "under construction", writes to the RIPE > anti-abuse mailing list to complain about some alleged copyright > infringement ?!? > > -------------- next part -------------- An HTML attachment was scrubbed... URL: From wayne at therobertsfamily.eu Thu Feb 7 11:02:27 2013 From: wayne at therobertsfamily.eu (Wayne Roberts) Date: Thu, 7 Feb 2013 10:02:27 +0000 Subject: [anti-abuse-wg] Digital Certificates Message-ID: Hi, I know this is the wrong place to ask such a question ,But i need some independent advice, what type of ssl cert do i need to secure IIS and Exchange? I had a quick chat with versign who quoted me over a thousand pounds !! -- - Wayne Roberts -------------- next part -------------- An HTML attachment was scrubbed... URL: From brian.nisbet at heanet.ie Thu Feb 7 11:36:17 2013 From: brian.nisbet at heanet.ie (Brian Nisbet) Date: Thu, 07 Feb 2013 10:36:17 +0000 Subject: [anti-abuse-wg] Digital Certificates In-Reply-To: References: Message-ID: <511383A1.4000209@heanet.ie> On 07/02/2013 10:02, Wayne Roberts wrote: > Hi, > > I know this is the wrong place to ask such a question ,But i need > some independent advice, what type of ssl cert do i need to secure IIS > and Exchange? I had a quick chat with versign who quoted me over a > thousand pounds !! This is, indeed, the wrong place to ask such a question. If anyone can help Wayne, please do so off list. Brian Co-Chair, RIPE AA-WG From wayne at therobertsfamily.eu Thu Feb 7 11:37:36 2013 From: wayne at therobertsfamily.eu (Wayne Roberts) Date: Thu, 7 Feb 2013 10:37:36 +0000 Subject: [anti-abuse-wg] (no subject) Message-ID: apologies -- - Wayne Roberts -------------- next part -------------- An HTML attachment was scrubbed... URL: From gert at space.net Thu Feb 7 12:06:59 2013 From: gert at space.net (Gert Doering) Date: Thu, 7 Feb 2013 12:06:59 +0100 Subject: [anti-abuse-wg] Copyright Infringement In-Reply-To: <2F6D8515-CD83-4A59-9F2D-8C1ABB7656E7@antipirates-in.com> References: <2F6D8515-CD83-4A59-9F2D-8C1ABB7656E7@antipirates-in.com> Message-ID: <20130207110659.GC51699@Space.Net> Hi, On Thu, Feb 07, 2013 at 02:27:21AM +0530, Sony Music wrote: > Attached the mail format. Hope this will work. Send *text*. Not "funny attachments containing non-text". Gert Doering -- NetMaster -- have you enabled IPv6 on something today...? SpaceNet AG Vorstand: Sebastian v. Bomhard Joseph-Dollinger-Bogen 14 Aufsichtsratsvors.: A. Grundner-Culemann D-80807 Muenchen HRB: 136055 (AG Muenchen) Tel: +49 (89) 32356-444 USt-IdNr.: DE813185279 From gert at space.net Thu Feb 7 12:22:36 2013 From: gert at space.net (Gert Doering) Date: Thu, 7 Feb 2013 12:22:36 +0100 Subject: [anti-abuse-wg] Allocation of number resources In-Reply-To: <93978.1360194159@tristatelogic.com> References: <0C2184CC-2791-48C2-894C-C13E620BFE73@ripe.net> <93978.1360194159@tristatelogic.com> Message-ID: <20130207112236.GD51699@Space.Net> Hi, On Wed, Feb 06, 2013 at 03:42:39PM -0800, Ronald F. Guilmette wrote: > So in the scenario described above, if in fact the LIR assigned an entire > /17 to a single customer, where that customer only had a grand total of > one router and one server, there would be nothing whatsoever that RIPE > NCC could or would do, in reaction, in order to prevent or reverse this > kind of colossal waste of that large chunk of the rapidly depleating > resource known as the IPv4 address space. Is that correct? Correct. The community decided that "focus on IPv6 deployment" is more important than spending lots of (paid by members!) respources trying to get back IPv4 scraps here and there, which would only delay the inevitable. Aforesaid /17 would have made RIPE NCC's IPv4 pool last about 3 weeks longer - and in the end, no matter what we do, IPv4 would have run out, but we had burned a lot of extra effort trying to avoid facing IPv6. Gert Doering -- member of the community -- have you enabled IPv6 on something today...? SpaceNet AG Vorstand: Sebastian v. Bomhard Joseph-Dollinger-Bogen 14 Aufsichtsratsvors.: A. Grundner-Culemann D-80807 Muenchen HRB: 136055 (AG Muenchen) Tel: +49 (89) 32356-444 USt-IdNr.: DE813185279 From wayne at therobertsfamily.eu Thu Feb 7 12:46:17 2013 From: wayne at therobertsfamily.eu (Wayne Roberts) Date: Thu, 7 Feb 2013 11:46:17 +0000 Subject: [anti-abuse-wg] Sony Copyright Infringement Message-ID: Sorry to say this but I don't believe it is the Sony corporation, Based on; The domain he's sending from, I understand that Sony may have outsourced their copy write claims but have you looked at "their" website? it's a little blank for a copywrite claim company. The records for the domain antipirates-in.com sounds to me more like somebody is trying to hide something, Not that I'm saying the privacy option is a bad thing. Also the wording he was using in his original Email "* including the powerful internationally functional **ic3.gov" *Since we are talking about India here the fbi have no jurisdiction. * * And again the wording* "**or else get ready to be sued for damages" *does not sound like the language a lawyer would use And again "*This is the legal department of (**Sony Music Entertainment India P.Ltd **)" *yet your email address is sony.claims at antipirates-in.com I think it's either somebody with a grudge against mp3khan.net or somebody is having a laugh !! But if I'm wrong ......... -- - Wayne Roberts -------------- next part -------------- An HTML attachment was scrubbed... URL: From ops.lists at gmail.com Thu Feb 7 12:59:59 2013 From: ops.lists at gmail.com (Suresh Ramasubramanian) Date: Thu, 7 Feb 2013 17:29:59 +0530 Subject: [anti-abuse-wg] Allocation of number resources In-Reply-To: <20130207112236.GD51699@Space.Net> References: <0C2184CC-2791-48C2-894C-C13E620BFE73@ripe.net> <93978.1360194159@tristatelogic.com> <20130207112236.GD51699@Space.Net> Message-ID: Well let us put it this way. The entities Ron's been thinking of have been doing this on the /15 scale for quite a while now, so I do think they should have quite a few /16s on the "use till it gets heavily blocked, get a new one from a RIPE LIR" principle. Three weeks here, three weeks there and you're looking at the best part of a year more at a conservative estimate. And I would be very interested to see just how much v6 space they have. Ron - noticed some? And please don't even tell me there's enough v6 space for everybody so we needn't worry about IP allocation at all, that is what we all thought back when class A, B and C addresses were being handed out, so we might as well learn from our past experience as from anything else. On Thursday, February 7, 2013, Gert Doering wrote: > Hi, > > On Wed, Feb 06, 2013 at 03:42:39PM -0800, Ronald F. Guilmette wrote: > > So in the scenario described above, if in fact the LIR assigned an entire > > /17 to a single customer, where that customer only had a grand total of > > one router and one server, there would be nothing whatsoever that RIPE > > NCC could or would do, in reaction, in order to prevent or reverse this > > kind of colossal waste of that large chunk of the rapidly depleating > > resource known as the IPv4 address space. Is that correct? > > Correct. The community decided that "focus on IPv6 deployment" is more > important than spending lots of (paid by members!) respources trying to > get back IPv4 scraps here and there, which would only delay the inevitable. > > Aforesaid /17 would have made RIPE NCC's IPv4 pool last about 3 weeks > longer - and in the end, no matter what we do, IPv4 would have run out, > but we had burned a lot of extra effort trying to avoid facing IPv6. > > Gert Doering > -- member of the community > -- > have you enabled IPv6 on something today...? > > SpaceNet AG Vorstand: Sebastian v. Bomhard > Joseph-Dollinger-Bogen 14 Aufsichtsratsvors.: A. Grundner-Culemann > D-80807 Muenchen HRB: 136055 (AG Muenchen) > Tel: +49 (89) 32356-444 USt-IdNr.: DE813185279 > > -- --srs (iPad) -------------- next part -------------- An HTML attachment was scrubbed... URL: From gert at space.net Thu Feb 7 13:20:29 2013 From: gert at space.net (Gert Doering) Date: Thu, 7 Feb 2013 13:20:29 +0100 Subject: [anti-abuse-wg] Allocation of number resources In-Reply-To: References: <0C2184CC-2791-48C2-894C-C13E620BFE73@ripe.net> <93978.1360194159@tristatelogic.com> <20130207112236.GD51699@Space.Net> Message-ID: <20130207122029.GF51699@Space.Net> Hi, On Thu, Feb 07, 2013 at 05:29:59PM +0530, Suresh Ramasubramanian wrote: > Well let us put it this way. > > The entities Ron's been thinking of have been doing this on the /15 scale > for quite a while now, so I do think they should have quite a few /16s on > the "use till it gets heavily blocked, get a new one from a RIPE LIR" > principle. If a LIR comes back for "more space", and cannot plausibly document that their existing space is full (80%), then the RIPE NCC won't give them extra space - so in the example of a /17 lying around mostly unused, the LIR would find itself in a pretty painful position. We *do* encourage making use of the addresses, we just don't go out of our ways to active reclaim possible-unused space. > Three weeks here, three weeks there and you're looking at the best part of > a year more at a conservative estimate. A /16 is just not that much space. A /8 would be interesting, but even *that* isn't "a year more" (and even "a year more" would be the wrong signal, namely "yeah, there's more IPv4" - which will just get people to roll out more IPv4-only stuff that will need to be touched later). > And I would be very interested to see just how much v6 space they have. > > Ron - noticed some? > > And please don't even tell me there's enough v6 space for everybody so we > needn't worry about IP allocation at all, that is what we all thought back > when class A, B and C addresses were being handed out, so we might as well > learn from our past experience as from anything else. I can do math (and learned that from experience). Can you? If a rogue LIR gets a fresh /29 every week, paying a full RIPE membership fee each time, RIPE's /12 will last about 2500 years. And then, there's about 500 more /12s inside FP 001, and *then*, we get about 6 more tries to make a more conservative IPv6 allocation policy. Should I care? Gert Doering -- NetMaster -- have you enabled IPv6 on something today...? SpaceNet AG Vorstand: Sebastian v. Bomhard Joseph-Dollinger-Bogen 14 Aufsichtsratsvors.: A. Grundner-Culemann D-80807 Muenchen HRB: 136055 (AG Muenchen) Tel: +49 (89) 32356-444 USt-IdNr.: DE813185279 -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 306 bytes Desc: not available URL: From ops.lists at gmail.com Thu Feb 7 13:44:01 2013 From: ops.lists at gmail.com (Suresh Ramasubramanian) Date: Thu, 7 Feb 2013 18:14:01 +0530 Subject: [anti-abuse-wg] Allocation of number resources In-Reply-To: <20130207122029.GF51699@Space.Net> References: <0C2184CC-2791-48C2-894C-C13E620BFE73@ripe.net> <93978.1360194159@tristatelogic.com> <20130207112236.GD51699@Space.Net> <20130207122029.GF51699@Space.Net> Message-ID: Maybe it'd be a grand idea to not extrapolate based on current usage trends. We just don't know what's going to turn up in the future - maybe 20..40 years or less down the line, and would hate to see history repeating itself. And if v4 and v6 exhaustion were the only reason to care about allocating number resources to rogue entities, I'd not care as much as I do about this. --srs On Thursday, February 7, 2013, Gert Doering wrote: > > I can do math (and learned that from experience). > > Can you? > > If a rogue LIR gets a fresh /29 every week, paying a full RIPE membership > fee each time, RIPE's /12 will last about 2500 years. > > And then, there's about 500 more /12s inside FP 001, and *then*, we get > about 6 more tries to make a more conservative IPv6 allocation policy. > > Should I care? > > > -- --srs (iPad) -------------- next part -------------- An HTML attachment was scrubbed... URL: From gert at space.net Thu Feb 7 13:52:20 2013 From: gert at space.net (Gert Doering) Date: Thu, 7 Feb 2013 13:52:20 +0100 Subject: [anti-abuse-wg] Allocation of number resources In-Reply-To: References: <0C2184CC-2791-48C2-894C-C13E620BFE73@ripe.net> <93978.1360194159@tristatelogic.com> <20130207112236.GD51699@Space.Net> <20130207122029.GF51699@Space.Net> Message-ID: <20130207125220.GG51699@Space.Net> Hi, On Thu, Feb 07, 2013 at 06:14:01PM +0530, Suresh Ramasubramanian wrote: > Maybe it'd be a grand idea to not extrapolate based on current usage > trends. I'm happy to be proven wrong, and see RIPE's /12 exhausted in 250 years, instead of 2500 years. After all, "using up IPv6" is not our largest current problem, "*not* using IPv6" is. > We just don't know what's going to turn up in the future - maybe 20..40 > years or less down the line, and would hate to see history repeating itself. > > And if v4 and v6 exhaustion were the only reason to care about allocating > number resources to rogue entities, I'd not care as much as I do about this. Then please don't make the exhaustion such a focal topic of your posts. I think we perfectly agree that *criminals* should have taken their address space away, and that's what the NCC does. Now, "criminals" - and this is where we know to disagree - are not folks that send e-mails that other folks do not like, but folks where an instrument of the law has decided "they are criminals" (LEOs or courts). Fake registration data in itself is also enough to withdraw resources by the RIPE NCC (but it's not always obvious at registration time that a working postal address, telephon number, etc. are fake). Gert Doering -- NetMaster -- have you enabled IPv6 on something today...? SpaceNet AG Vorstand: Sebastian v. Bomhard Joseph-Dollinger-Bogen 14 Aufsichtsratsvors.: A. Grundner-Culemann D-80807 Muenchen HRB: 136055 (AG Muenchen) Tel: +49 (89) 32356-444 USt-IdNr.: DE813185279 -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 306 bytes Desc: not available URL: From ops.lists at gmail.com Thu Feb 7 15:36:41 2013 From: ops.lists at gmail.com (Suresh Ramasubramanian) Date: Thu, 7 Feb 2013 20:06:41 +0530 Subject: [anti-abuse-wg] Allocation of number resources In-Reply-To: <20130207125220.GG51699@Space.Net> References: <0C2184CC-2791-48C2-894C-C13E620BFE73@ripe.net> <93978.1360194159@tristatelogic.com> <20130207112236.GD51699@Space.Net> <20130207122029.GF51699@Space.Net> <20130207125220.GG51699@Space.Net> Message-ID: On Thursday, February 7, 2013, Gert Doering wrote: > I think we perfectly agree that *criminals* should have taken their > address space away, and that's what the NCC does. Now, "criminals" - and > this is where we know to disagree - are not folks that send e-mails that > other folks do not like, but folks where an instrument of the law has > decided "they are criminals" (LEOs or courts). > Ah, so the difference between spammers and other forms of online criminals like, say, botmasters I do however put it to you that there are plenty of email marketers who acquire IP space under their own business names, without having to create an endless series of shell companies to acquire outsize IP allocations. Does that mean RIPE NCC might want to, for example, have the dutch regulator that has a remit on antispam, OPTA, take a stand in this matter, if you are that concerned with penalizing genuine criminals rather than "people who send email that I don't like"? An interesting idea. --srs -- --srs (iPad) -------------- next part -------------- An HTML attachment was scrubbed... URL: From gert at space.net Thu Feb 7 16:18:51 2013 From: gert at space.net (Gert Doering) Date: Thu, 7 Feb 2013 16:18:51 +0100 Subject: [anti-abuse-wg] Allocation of number resources In-Reply-To: References: <0C2184CC-2791-48C2-894C-C13E620BFE73@ripe.net> <93978.1360194159@tristatelogic.com> <20130207112236.GD51699@Space.Net> <20130207122029.GF51699@Space.Net> <20130207125220.GG51699@Space.Net> Message-ID: <20130207151851.GJ51699@Space.Net> Hi, On Thu, Feb 07, 2013 at 08:06:41PM +0530, Suresh Ramasubramanian wrote: > On Thursday, February 7, 2013, Gert Doering wrote: > > > I think we perfectly agree that *criminals* should have taken their > > address space away, and that's what the NCC does. Now, "criminals" - and > > this is where we know to disagree - are not folks that send e-mails that > > other folks do not like, but folks where an instrument of the law has > > decided "they are criminals" (LEOs or courts). > > Ah, so the difference between spammers and other forms of online criminals > like, say, botmasters Just an example, which makes it fairly obvious that a "criminal" to some is not a "criminal" to another. I neither like spammers nor botmasters, but the legal system in their country might make a difference. > I do however put it to you that there are plenty of email marketers who > acquire IP space under their own business names, without having to create > an endless series of shell companies to acquire outsize IP allocations. > > Does that mean RIPE NCC might want to, for example, have the dutch > regulator that has a remit on antispam, OPTA, take a stand in this matter, > if you are that concerned with penalizing genuine criminals rather than > "people who send email that I don't like"? An interesting idea. The stance of the RIPE NCC is clear: if a judge decides that someone is a criminal, they are. Otherwise, they are not, and there is no lever to take away their addresses just by someone calling them a criminal. This is all documented, and the link to the RIPE NCC LIR closure document has been posted here by Athina before. This can be changed, of course - the RIPE NCC operates under a policy framework set by its constituency. Unfortunately, this constituency has been completely unable to agree on a definition of "abuse" (in a "checklist" sense: someone has to take this definition, apply it to a certain case, and come to a clear conclusion). So that's what we have: criminal by law, lying to the NCC as far as LIR registration details go, or no reason to withdraw IP address allocations. Gert Doering -- NetMaster -- have you enabled IPv6 on something today...? SpaceNet AG Vorstand: Sebastian v. Bomhard Joseph-Dollinger-Bogen 14 Aufsichtsratsvors.: A. Grundner-Culemann D-80807 Muenchen HRB: 136055 (AG Muenchen) Tel: +49 (89) 32356-444 USt-IdNr.: DE813185279 -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 306 bytes Desc: not available URL: From brian.nisbet at heanet.ie Thu Feb 7 20:04:37 2013 From: brian.nisbet at heanet.ie (Brian Nisbet) Date: Thu, 07 Feb 2013 19:04:37 +0000 Subject: [anti-abuse-wg] Sony Copyright Infringement In-Reply-To: References: Message-ID: <5113FAC5.5000100@heanet.ie> Wayne Roberts wrote, On 07/02/2013 11:46: > Sorry to say this but I don't believe it is the Sony corporation, Based on; > > The domain he's sending from, I understand that Sony may have outsourced > their copy write claims but have you looked at "their" website? it's a > little blank for a copywrite claim company. > > The records for the domain antipirates-in.com > sounds to me more like somebody is trying to > hide something, Not that I'm saying the privacy option is a bad thing. > > Also the wording he was using in his original Email "/ including the > powerful internationally functional /*ic3.gov " *Since > we are talking about India here the fbi have no jurisdiction. > / > / > And again the wording*"*/or else get ready to be sued for damages" /does > not sound like the language a lawyer would use > And again "/This is the legal department of (/*/Sony Music Entertainment > India P.Ltd /*/)" /yet your email address is > sony.claims at antipirates-in.com > > I think it's either somebody with a grudge against mp3khan.net > or somebody is having a laugh !! > > But if I'm wrong ......... It really doesn't matter. this is not the correct place to report such things, either by the proper or improper authorities. This point has been stated, let's just leave this conversation alone now. Brian. Co-Chair, RIPE AA-WG From sony.claims at antipirates-in.com Thu Feb 7 20:08:38 2013 From: sony.claims at antipirates-in.com (Sony Music) Date: Fri, 8 Feb 2013 00:38:38 +0530 Subject: [anti-abuse-wg] Sony Copyright Infringement In-Reply-To: <5113FAC5.5000100@heanet.ie> References: <5113FAC5.5000100@heanet.ie> Message-ID: <46F02048-000C-45A1-B320-D61750E83A6F@antipirates-in.com> Hi All, to clear things, 1) yes we are outsourced agency for SONY copyrights claims. 2) I was just seeking help / knowledge about piracy and trying to clear the content. 3) i never knew here just talks happens instead any solution expect 1 or 2. On 08-Feb-2013, at 12:34 AM, Brian Nisbet wrote: > Wayne Roberts wrote, On 07/02/2013 11:46: >> Sorry to say this but I don't believe it is the Sony corporation, Based on; >> >> The domain he's sending from, I understand that Sony may have outsourced >> their copy write claims but have you looked at "their" website? it's a >> little blank for a copywrite claim company. >> >> The records for the domain antipirates-in.com >> sounds to me more like somebody is trying to >> hide something, Not that I'm saying the privacy option is a bad thing. >> >> Also the wording he was using in his original Email "/ including the >> powerful internationally functional /*ic3.gov " *Since >> we are talking about India here the fbi have no jurisdiction. >> / >> / >> And again the wording*"*/or else get ready to be sued for damages" /does >> not sound like the language a lawyer would use >> And again "/This is the legal department of (/*/Sony Music Entertainment >> India P.Ltd /*/)" /yet your email address is >> sony.claims at antipirates-in.com >> >> I think it's either somebody with a grudge against mp3khan.net >> or somebody is having a laugh !! >> >> But if I'm wrong ......... > > It really doesn't matter. this is not the correct place to report such things, either by the proper or improper authorities. This point has been stated, let's just leave this conversation alone now. > > Brian. > Co-Chair, RIPE AA-WG > > > > > > ------------------------ Powered by BigRock.com From rezaf at mindspring.com Thu Feb 7 20:33:43 2013 From: rezaf at mindspring.com (Reza Farzan) Date: Thu, 7 Feb 2013 14:33:43 -0500 (GMT-05:00) Subject: [anti-abuse-wg] Sony Copyright Infringement Message-ID: <11551249.1360265623479.JavaMail.root@elwamui-cypress.atl.sa.earthlink.net> An HTML attachment was scrubbed... URL: From sony.claims at antipirates-in.com Thu Feb 7 20:36:15 2013 From: sony.claims at antipirates-in.com (Sony Music) Date: Fri, 8 Feb 2013 01:06:15 +0530 Subject: [anti-abuse-wg] Sony Copyright Infringement In-Reply-To: <11551249.1360265623479.JavaMail.root@elwamui-cypress.atl.sa.earthlink.net> References: <11551249.1360265623479.JavaMail.root@elwamui-cypress.atl.sa.earthlink.net> Message-ID: <42B102C6-0276-427A-850F-C8B314B69EBE@antipirates-in.com> Hi Reza, Much appreciate for your help. Regards, On 08-Feb-2013, at 1:03 AM, Reza Farzan wrote: > Hello, > > As you have seen from the comments, you have sent your message to a wrong place--RIPE has nothing to do with Copyright Infringement, or piracy information. > > To report piracy, you need to send your request to these sources: > > - netpiracy at siia.net > - software at bsa.org > - hotline at mpaa.org > > For more information, you may need to contact these organizations directly: > > - The Software & Information Industry Association - http://siia.net/ > - The Software Alliance - http://www.bsa.org/country.aspx?sc_lang=en > - Motion Picture Association of America, Inc. - http://mpaa.org/ > - The US Copyrights office - http://www.copyright.gov/help/faq/faq-infringement.html > > Even better, you must consult a copyright attorney first, if you have not already. > > Thank you, > > Reza Farzan > > =========== > > -----Original Message----- > >From: Sony Music > >Sent: Feb 7, 2013 2:08 PM > >To: Brian Nisbet > >Cc: anti-abuse-wg at ripe.net > >Subject: Re: [anti-abuse-wg] Sony Copyright Infringement > > > >Hi All, > >to clear things, > > >1) yes we are outsourced agency for SONY copyrights claims. > > > >2) I was just seeking help / knowledge about piracy and trying to clear the content. > > > >3) i never knew here just talks happens instead any solution expect 1 or 2. > > > > > >On 08-Feb-2013, at 12:34 AM, Brian Nisbet wrote: > > > >> Wayne Roberts wrote, On 07/02/2013 11:46: > >>> Sorry to say this but I don't believe it is the Sony corporation, Based on; > >>> > >>> The domain he's sending from, I understand that Sony may have outsourced > >>> their copy write claims but have you looked at "their" website? it's a > >>> little blank for a copywrite claim company. > >>> > >>> The records for the domain antipirates-in.com > >>> sounds to me more like somebody is trying to > >>> hide something, Not that I'm saying the privacy option is a bad thing. > >>> > >>> Also the wording he was using in his original Email "/ including the > >>> powerful internationally functional /*ic3.gov " *Since > >>> we are talking about India here the fbi have no jurisdiction. > >>> / > >>> / > >>> And again the wording*"*/or else get ready to be sued for damages" /does > >>> not sound like the language a lawyer would use > >>> And again "/This is the legal department of (/*/Sony Music Entertainment > >>> India P.Ltd /*/)" /yet your email address is > >>> sony.claims at antipirates-in.com > >>> > >>> I think it's either somebody with a grudge against mp3khan.net > >>> or somebody is having a laugh !! > >>> > >>> But if I'm wrong ......... > >> > >> It really doesn't matter. this is not the correct place to report such things, either by the proper or improper authorities. This point has been stated, let's just leave this conversation alone now. > >> > >> Brian. > >> Co-Chair, RIPE AA-WG ------------------------ Powered by BigRock.com -------------- next part -------------- An HTML attachment was scrubbed... URL: From rfg at tristatelogic.com Thu Feb 7 21:05:22 2013 From: rfg at tristatelogic.com (Ronald F. Guilmette) Date: Thu, 07 Feb 2013 12:05:22 -0800 Subject: [anti-abuse-wg] Allocation of number resources In-Reply-To: Message-ID: <16736.1360267522@tristatelogic.com> In message Suresh Ramasubramanian wrote: >And I would be very interested to see just how much v6 space they have. > >Ron - noticed some? Only a tiny amount. I'm sorry, but I can't talk about that just yet. >And please don't even tell me there's enough v6 space for everybody so we >needn't worry about IP allocation at all, that is what we all thought back >when class A, B and C addresses were being handed out, so we might as well >learn from our past experience as from anything else. Although I appreciate the responses from both Suresh and also Gert Doering to my question about whether or not any policy exists allowing RIPE NCC to reclaim IPv4 space that is being squandered, both replies seem to start from the assmption that the proper way to judge whether a robust reclamation policy is warranted or not is to perform a simple cost/benefit analysis, where the "cost" aspect is _only_ that some IPv4 (or IPv6) address space is wasted and not available for other uses. Personally, I think that this view is too narrow, and I am frankly a bit surprised to find such a view prevalent on and within the mailing list of a purported "anti abuse" working group. Does the charter of this group include, or conversely, fail to include that the group can, should, and will advocate for the denial of resources _generally_ to those who abuse the Internet? And additionally, is conservation of (precious?) number resources the only rationale that might ever be the basis for reclamation actions with respect to said resources? Both here and within the ARIN region, discussions of the abuse of number resources always seem to devolve down to religious arguments about the value of IPv4 versus IPv6... and I see now that I am as much to blame for that as anybody, because I have often raised the issue of IPv4 exhaustion in the hopes that it might motivate people to care more, at least about cases of clear abuse of IPv4 address resources. But it occurs to me now this really misses the true issue. If I were to find a great big snowshoe spamming operation that was operating strictly and only from within IPv6 address space, would I want its IPv6 address allocation revoked? You bet I would! So also, I would hope, would everyone else on this list and in this "anti abuse" working group. Regards, rfg From rfg at tristatelogic.com Thu Feb 7 21:24:26 2013 From: rfg at tristatelogic.com (Ronald F. Guilmette) Date: Thu, 07 Feb 2013 12:24:26 -0800 Subject: [anti-abuse-wg] Allocation of number resources In-Reply-To: <20130207122029.GF51699@Space.Net> Message-ID: <16839.1360268666@tristatelogic.com> In message <20130207122029.GF51699 at Space.Net>, Gert Doering wrote: >If a rogue LIR gets a fresh /29 every week... My apologies for using the above as a jumping off point for a set of questions that are mostly unrelated to what Gert was talking about, but... Question: How may an independent researcher, such as myself, determine the entire set of address (IPv4 or IPv6) allocations that have been issued, by RIPE NCC, to a given LIR? Question: Given some pre-existing record for an IP{4,6} address block that exists, right now, within the RIPE WHOIS server, how may one determine which LIR, specifically, was responsible for assignment of that address block to the registered end user? If this information is not presently available within the RIPE WHOIS records, there is there any human being within RIPE NCC who can/will, upon request, supply this information? Question: Given some specific "admin-c" or "tech-c" contact handle, how may one determine the entire set of number resources that are, at present, associated with that given handle? Question: For the RIPE WHOIS server, is there some way to query the server in a way so that the only responses from the server will be strictly and only those records where there is an *exact match* of the "netname:" field to the query string (i.e, no implicit trailing wildcard)? Question: Within RIPE WHOIS records, may one organization use a par- ticular "netname" to designate its network, even if some different organization is already using that exact same "netname"? Thanks in advance for any and all answers. Regards, rfg From rfg at tristatelogic.com Thu Feb 7 21:53:04 2013 From: rfg at tristatelogic.com (Ronald F. Guilmette) Date: Thu, 07 Feb 2013 12:53:04 -0800 Subject: [anti-abuse-wg] Allocation of number resources In-Reply-To: <20130207125220.GG51699@Space.Net> Message-ID: <17032.1360270384@tristatelogic.com> In message <20130207125220.GG51699 at Space.Net>, Gert Doering wrote: >I think we perfectly agree that *criminals* should have taken their >address space away, and that's what the NCC does. Now, "criminals" - and >this is where we know to disagree - are not folks that send e-mails that >other folks do not like, but folks where an instrument of the law has >decided "they are criminals" (LEOs or courts). I feel quite certain that there is some... perhaps many... jurisdictions where launching and/or sustaining a DDoS is not in the least bit illegal. Should the organization, administration, and governance of an orderly Internet be held hostage to the lowest common denominator of whatever backwards underdeveloped country or local jurisdiction has adopted and implemented the weakest statutes with respect to abusive use of the Internet? If so, then I do believe that I shall be shortly be moving to Belize and opening up my own boutique DDoS-for-hire company. (Even within the "civilized" developed/industrialized nations of the world, I do not believe that I am at all alone in my view that the various members of the various legislative bodies of these countries, including my own, have shown themselves, over time, to be largely if not entirely incapable of making rational decisions with respect to what should or what should not be allowed in "cyberspace". If technical folks, such as us here, who actually have a prayer of actually under- standing the issues, abdicate governance of the Internet to these technically incompetent national legislatures, then we will get what we deserve in return for that, I think.) >Fake registration data in itself is also enough to withdraw resources >by the RIPE NCC... Please excuse my impertinence, but I have to ask... When? Regards, rfg From leo.vegoda at icann.org Thu Feb 7 21:51:11 2013 From: leo.vegoda at icann.org (Leo Vegoda) Date: Thu, 7 Feb 2013 12:51:11 -0800 Subject: [anti-abuse-wg] Allocation of number resources In-Reply-To: <16839.1360268666@tristatelogic.com> References: <20130207122029.GF51699@Space.Net> <16839.1360268666@tristatelogic.com> Message-ID: <5648A8908CCB564EBF46E2BC904A75B15EFE3B4F17@EXVPMBX100-1.exc.icann.org> Ronald F. Guilmette wrote: [...] > Question: How may an independent researcher, such as myself, determine > the entire set of address (IPv4 or IPv6) allocations that have been > issued, by RIPE NCC, to a given LIR? Do an inverse lookup based on the LIR's Organisation object. Here's an example for the RIPE NCC: https://apps.db.ripe.net/search/query.html?searchtext=ORG-NCC1-RIPE&flags=&s ources=RIPE_NCC&grssources=&inverse=ORG&types=#resultsAnchor > Question: Given some pre-existing record for an IP{4,6} address block > that exists, right now, within the RIPE WHOIS server, how may one > determine which LIR, specifically, was responsible for assignment of > that address block to the registered end user? If this information is > not presently available within the RIPE WHOIS records, there is there > any human being within RIPE NCC who can/will, upon request, supply this > information? Use the -L or -l flags to look up the allocation hierarchy. > Question: Given some specific "admin-c" or "tech-c" contact handle, > how may one determine the entire set of number resources that are, > at present, associated with that given handle? Another inverse query. There's a handy web interface with clicky boxes if you prefer that to a command line client. > Question: Have you considered looking at the extensive documentation and training materials on the RIPE NCC's web site? Alternatively, if you don't want to read instructional materials, database help questions might be more appropriately directed at the db-help list: http://www.ripe.net/ripe/mail/ripe-mailing-lists/db-help Regards, Leo -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 5499 bytes Desc: not available URL: From rfg at tristatelogic.com Thu Feb 7 22:15:45 2013 From: rfg at tristatelogic.com (Ronald F. Guilmette) Date: Thu, 07 Feb 2013 13:15:45 -0800 Subject: [anti-abuse-wg] Allocation of number resources In-Reply-To: <5648A8908CCB564EBF46E2BC904A75B15EFE3B4F17@EXVPMBX100-1.exc.icann.org> Message-ID: <17279.1360271745@tristatelogic.com> In message <5648A8908CCB564EBF46E2BC904A75B15EFE3B4F17 at EXVPMBX100-1.exc.icann.o rg>, Leo Vegoda wrote: >Ronald F. Guilmette wrote: >> Question: How may an independent researcher, such as myself, determine >> the entire set of address (IPv4 or IPv6) allocations that have been >> issued, by RIPE NCC, to a given LIR? > >Do an inverse lookup based on the LIR's Organisation object. Here's an >example for the RIPE NCC: > >https://apps.db.ripe.net/search/query.html?searchtext=ORG-NCC1-RIPE&flags=&s >ources=RIPE_NCC&grssources=&inverse=ORG&types=#resultsAnchor Ummmm... I went to the exact URL you gave above and all I get is: Error: No results were found for your search. Your search details may be too selective. Well, it doesn't matter anyway. What I would really like is a solution that I can use with the good-old-fashioned WHOIS server... _not_ via the web interface. How can I find all IPv{4,6} allocations assigned to a given LIR using the actual WHOIS server? (An actual example would be most helpful.) >> Question: Given some pre-existing record for an IP{4,6} address block >> that exists, right now, within the RIPE WHOIS server, how may one >> determine which LIR, specifically, was responsible for assignment of >> that address block to the registered end user? If this information is >> not presently available within the RIPE WHOIS records, there is there >> any human being within RIPE NCC who can/will, upon request, supply this >> information? > >Use the -L or -l flags to look up the allocation hierarchy. OK! Duh! I should have known that. thanks. >> Question: Given some specific "admin-c" or "tech-c" contact handle, >> how may one determine the entire set of number resources that are, >> at present, associated with that given handle? > >Another inverse query. There's a handy web interface with clicky boxes if >you prefer that to a command line client. No, I greatly prefer what you are calling the "command line interface", which is, I assme, what I am calling the good-old-fashioned WHOIS service (TCP port 43). >> Question: > >Have you considered looking at the extensive documentation and training >materials on the RIPE NCC's web site? I did, actually. It is not the most clear piece of technical documentation I have ever encountered. But I will give it another try. Regards, rfg From fredrik at resilans.se Thu Feb 7 23:18:42 2013 From: fredrik at resilans.se (Fredrik Widell) Date: Thu, 7 Feb 2013 23:18:42 +0100 (CET) Subject: [anti-abuse-wg] Allocation of number resources In-Reply-To: <17279.1360271745@tristatelogic.com> References: <17279.1360271745@tristatelogic.com> Message-ID: On Thu, 7 Feb 2013, Ronald F. Guilmette wrote: Or, you can just get the file ftp://ftp.ripe.net/pub/stats/ripencc/membership/alloclist.txt and look for the lir and see their resources. > > In message <5648A8908CCB564EBF46E2BC904A75B15EFE3B4F17 at EXVPMBX100-1.exc.icann.o > rg>, Leo Vegoda wrote: > >> Ronald F. Guilmette wrote: >>> Question: How may an independent researcher, such as myself, determine >>> the entire set of address (IPv4 or IPv6) allocations that have been >>> issued, by RIPE NCC, to a given LIR? >> >> Do an inverse lookup based on the LIR's Organisation object. Here's an >> example for the RIPE NCC: >> >> https://apps.db.ripe.net/search/query.html?searchtext=ORG-NCC1-RIPE&flags=&s >> ources=RIPE_NCC&grssources=&inverse=ORG&types=#resultsAnchor > > Ummmm... I went to the exact URL you gave above and all I get is: > > Error: No results were found for your search. Your search details may be too selective. > > Well, it doesn't matter anyway. What I would really like is a solution > that I can use with the good-old-fashioned WHOIS server... _not_ via > the web interface. > > How can I find all IPv{4,6} allocations assigned to a given LIR using > the actual WHOIS server? (An actual example would be most helpful.) > >>> Question: Given some pre-existing record for an IP{4,6} address block >>> that exists, right now, within the RIPE WHOIS server, how may one >>> determine which LIR, specifically, was responsible for assignment of >>> that address block to the registered end user? If this information is >>> not presently available within the RIPE WHOIS records, there is there >>> any human being within RIPE NCC who can/will, upon request, supply this >>> information? >> >> Use the -L or -l flags to look up the allocation hierarchy. > > OK! Duh! I should have known that. thanks. > >>> Question: Given some specific "admin-c" or "tech-c" contact handle, >>> how may one determine the entire set of number resources that are, >>> at present, associated with that given handle? >> >> Another inverse query. There's a handy web interface with clicky boxes if >> you prefer that to a command line client. > > No, I greatly prefer what you are calling the "command line interface", > which is, I assme, what I am calling the good-old-fashioned WHOIS service > (TCP port 43). > >>> Question: >> >> Have you considered looking at the extensive documentation and training >> materials on the RIPE NCC's web site? > > I did, actually. It is not the most clear piece of technical documentation > I have ever encountered. But I will give it another try. > > > Regards, > rfg > > -- Mvh Fredrik Widell Resilans AB http://www.resilans.se/ mail: info at resilans.se , fredrik at resilans.se phone: +46 8 688 11 82 From brian.nisbet at heanet.ie Fri Feb 8 15:47:34 2013 From: brian.nisbet at heanet.ie (Brian Nisbet) Date: Fri, 08 Feb 2013 14:47:34 +0000 Subject: [anti-abuse-wg] Allocation of number resources In-Reply-To: <16736.1360267522@tristatelogic.com> References: <16736.1360267522@tristatelogic.com> Message-ID: <51151006.3070401@heanet.ie> On 07/02/2013 20:05, Ronald F. Guilmette wrote: > In message > Suresh Ramasubramanian wrote: > >> And I would be very interested to see just how much v6 space they have. >> >> Ron - noticed some? > > Only a tiny amount. I'm sorry, but I can't talk about that just yet. > >> And please don't even tell me there's enough v6 space for everybody so we >> needn't worry about IP allocation at all, that is what we all thought back >> when class A, B and C addresses were being handed out, so we might as well >> learn from our past experience as from anything else. > > Although I appreciate the responses from both Suresh and also Gert Doering > to my question about whether or not any policy exists allowing RIPE NCC > to reclaim IPv4 space that is being squandered, both replies seem to start > from the assmption that the proper way to judge whether a robust reclamation > policy is warranted or not is to perform a simple cost/benefit analysis, > where the "cost" aspect is _only_ that some IPv4 (or IPv6) address space is > wasted and not available for other uses. > > Personally, I think that this view is too narrow, and I am frankly a bit > surprised to find such a view prevalent on and within the mailing list > of a purported "anti abuse" working group. > > Does the charter of this group include, or conversely, fail to include > that the group can, should, and will advocate for the denial of resources > _generally_ to those who abuse the Internet? The reclamation of resources is not specifically stated in the charter. Of course, should the WG will it, the charter can always be re-examined. However the group has had multiple interactions with the NCC in regards to the closing of LIRs and the reclamation of resources. I think Gert referenced Athina Fragkouli's emails and presentations to the WG on this matter. The slides from the presentation from RIPE61 are here: http://ripe61.ripe.net/presentations/281-Closure_of_LIRs_and_deregistration_of_resources_anti_abuse_aspects.pdf and the final document is here: https://www.ripe.net/ripe/docs/ripe-517 Brian From rfg at tristatelogic.com Fri Feb 8 21:07:00 2013 From: rfg at tristatelogic.com (Ronald F. Guilmette) Date: Fri, 08 Feb 2013 12:07:00 -0800 Subject: [anti-abuse-wg] Allocation of number resources In-Reply-To: <51151006.3070401@heanet.ie> Message-ID: <28581.1360354020@tristatelogic.com> In message <51151006.3070401 at heanet.ie>, Brian Nisbet wrote: >On 07/02/2013 20:05, Ronald F. Guilmette wrote: >> Does the charter of this group include, or conversely, fail to include >> that the group can, should, and will advocate for the denial of resources >> _generally_ to those who abuse the Internet? > >The reclamation of resources is not specifically stated in the charter. >Of course, should the WG will it, the charter can always be re-examined. What would be the process for initiating such a change? >However the group has had multiple interactions with the NCC in regards >to the closing of LIRs and the reclamation of resources. So, if I have understood you, you are saying that this WG has already been advocating for the denial of resources, generally, to those who abuse the Internet, correct? >and the final document is here: > >https://www.ripe.net/ripe/docs/ripe-517 It would appear that a newer revision of this document exists: https://www.ripe.net/ripe/docs/ripe-541 I am studying it with more than a little facination. Already, my attention has been drawn to two specific segments of this document: B.1.1.b Invalidity of original allocation/assignment criteria Internet number resources are allocated/assigned based on a specific need. When the original technical requirements or the business purpose for the use of the Internet number resources change, the allocation/ assignment becomes invalid. If the RIPE NCC notices any change in the original technical criteria or the original business purposes for using the Internet number resources, the RIPE NCC is authorised to deregister the relevant Internet number resources. B.1.1.e Fraudulent request If a Member has submitted a fraudulent request for an allocation or an Independent resource (for example, by providing incorrect purpose/ need or falsified information about the network, etc.), the RIPE NCC will deregister the relevant records. Personally, I have slightly more than a passing familiarity with U.S. law, and I am aware that within U.S. law, even tiny details (i.e. individual words) can make a great difference to interpretation. Thus, I am forced to ask if the difference in language between the two sections above was/is deliberate or not. On the one hand, the first section says that "...RIPE NCC is authorised to deregister..." while on the other hand the second section says that "... RIPE NCC will deregister...". The latter is obviously stronger than the former. Was that deliberate or inadvertant? (Note that this difference in language is mirrored again in sections B.1.2.c and B.1.2.f.) I am also curious about this passage from B.1.1.b: "If the RIPE NCC notices any change in the original technical criteria or the original business purposes for using the Internet number resources...". I gather that the purpose of the online web reporting form I have heard tell about is supposed to be a way in which random citizens, such as myself, can cause or induce RIPE NCC to "notice" that a given assigneee is not using its number resources in conformance with "the original technical criteria or the original business purposes". Is that correct? Assming so, could someone please send me the URL of that again. Thanks. Regards, rfg P.S. Regarding the earlier discussion as to publication of all reports made to RIPE NCC via that form... yes... I see now how that could be invaluable. Without that, the reports could easily fall into a black hole, never to be heard from again, _even_ in cases where Sections B.1.1.e and B.1.2.f of the above document seem to _require_ action on the part of RIPE NCC. From fw at deneb.enyo.de Fri Feb 8 21:27:39 2013 From: fw at deneb.enyo.de (Florian Weimer) Date: Fri, 08 Feb 2013 21:27:39 +0100 Subject: [anti-abuse-wg] Allocation of number resources In-Reply-To: (Fredrik Widell's message of "Thu, 7 Feb 2013 23:18:42 +0100 (CET)") References: <17279.1360271745@tristatelogic.com> Message-ID: <87pq0a7dqc.fsf@mid.deneb.enyo.de> * Fredrik Widell: > On Thu, 7 Feb 2013, Ronald F. Guilmette wrote: > > Or, you can just get the file > > ftp://ftp.ripe.net/pub/stats/ripencc/membership/alloclist.txt > > and look for the lir and see their resources. Allocated resources do not always tell the full story. Ideally, you also want provider-independent assignments for which the LIR pays the fee, and the resources controlled by the LIR which RIPE NCC has exempted from billing (ERX mainly, but perhaps there are others). From fredrik at resilans.se Fri Feb 8 21:43:50 2013 From: fredrik at resilans.se (Fredrik Widell) Date: Fri, 8 Feb 2013 21:43:50 +0100 (CET) Subject: [anti-abuse-wg] Allocation of number resources In-Reply-To: <87pq0a7dqc.fsf@mid.deneb.enyo.de> References: <17279.1360271745@tristatelogic.com> <87pq0a7dqc.fsf@mid.deneb.enyo.de> Message-ID: On Fri, 8 Feb 2013, Florian Weimer wrote: > * Fredrik Widell: > >> On Thu, 7 Feb 2013, Ronald F. Guilmette wrote: >> >> Or, you can just get the file >> >> ftp://ftp.ripe.net/pub/stats/ripencc/membership/alloclist.txt >> >> and look for the lir and see their resources. > > Allocated resources do not always tell the full story. Ideally, you > also want provider-independent assignments for which the LIR pays the > fee, and the resources controlled by the LIR which RIPE NCC has > exempted from billing (ERX mainly, but perhaps there are others). You will probably get most of the resources by querying the objects the lir maintains aswell by this query: whois -h whois.ripe.net -- "-B -r -i mnt-by,mnt-routes,mnt-domains,mnt-lower,mnt-irt THE-LIR-MAINTAINER" > > -- Mvh Fredrik Widell Resilans AB http://www.resilans.se/ mail: info at resilans.se , fredrik at resilans.se phone: +46 8 688 11 82 From brian.nisbet at heanet.ie Sat Feb 9 16:16:58 2013 From: brian.nisbet at heanet.ie (Brian Nisbet) Date: Sat, 09 Feb 2013 15:16:58 +0000 Subject: [anti-abuse-wg] Allocation of number resources In-Reply-To: <28581.1360354020@tristatelogic.com> References: <28581.1360354020@tristatelogic.com> Message-ID: <5116686A.8020208@heanet.ie> Ronald F. Guilmette wrote, On 08/02/2013 20:07: > In message <51151006.3070401 at heanet.ie>, > Brian Nisbet wrote: > >> On 07/02/2013 20:05, Ronald F. Guilmette wrote: >>> Does the charter of this group include, or conversely, fail to include >>> that the group can, should, and will advocate for the denial of resources >>> _generally_ to those who abuse the Internet? >> >> The reclamation of resources is not specifically stated in the charter. >> Of course, should the WG will it, the charter can always be re-examined. > > What would be the process for initiating such a change? The best way to do it would likely be for a member of the WG to talk to the the chairs with some suggestions and we can discuss it from there. But ultimately the WG endorses the charter, so if the WG wants a change, then a change they shall have. >> However the group has had multiple interactions with the NCC in regards >> to the closing of LIRs and the reclamation of resources. > > So, if I have understood you, you are saying that this WG has already been > advocating for the denial of resources, generally, to those who abuse the > Internet, correct? That's an extremely simple description of a very complex position. It has generally been the position that those who abuse the network should not do so and things should be put in place to make it possible for resources to be reclaimed, where necessary and appropriate. >> and the final document is here: >> >> https://www.ripe.net/ripe/docs/ripe-517 > > It would appear that a newer revision of this document exists: > > https://www.ripe.net/ripe/docs/ripe-541 Sorry, my mistake, I picked the wrong version. 541 has also been updated: https://www.ripe.net/ripe/docs/ripe-578 Can you just check your questions still apply to this version? Brian From rfg at tristatelogic.com Sat Feb 9 21:28:34 2013 From: rfg at tristatelogic.com (Ronald F. Guilmette) Date: Sat, 09 Feb 2013 12:28:34 -0800 Subject: [anti-abuse-wg] Reclamation/AAWG charter (was: Re: Allocation of number resources) In-Reply-To: <5116686A.8020208@heanet.ie> Message-ID: <5959.1360441714@tristatelogic.com> In message <5116686A.8020208 at heanet.ie>, Brian Nisbet wrote: >Ronald F. Guilmette wrote, On 08/02/2013 20:07: >> In message <51151006.3070401 at heanet.ie>, >> Brian Nisbet wrote: >>> The reclamation of resources is not specifically stated in the charter. >>> Of course, should the WG will it, the charter can always be re-examined. >> >> What would be the process for initiating such a change? > >The best way to do it would likely be for a member of the WG to talk to >the the chairs with some suggestions and we can discuss it from there. >But ultimately the WG endorses the charter, so if the WG wants a change, >then a change they shall have. Not being a member of the WG myself, it is reasonable to assume, I think, that I would not be at all a proper person to make a motion to modify the charter in the manner described. I nontheless hope that some member in good standing will see fit to do so. Regards, rfg From rfg at tristatelogic.com Sat Feb 9 21:33:24 2013 From: rfg at tristatelogic.com (Ronald F. Guilmette) Date: Sat, 09 Feb 2013 12:33:24 -0800 Subject: [anti-abuse-wg] Reclamation/current policy (was: Re: Allocation of number resources) In-Reply-To: <5116686A.8020208@heanet.ie> Message-ID: <6000.1360442004@tristatelogic.com> In message <5116686A.8020208 at heanet.ie>, Brian Nisbet wrote: >Ronald F. Guilmette wrote, On 08/02/2013 20:07: >> >> It would appear that a newer revision of this document exists: >> >> https://www.ripe.net/ripe/docs/ripe-541 > >Sorry, my mistake, I picked the wrong version. 541 has also been updated: > >https://www.ripe.net/ripe/docs/ripe-578 > >Can you just check your questions still apply to this version? Yes, they still do apply. I would still like to know why Section B.1.b apparently says that RIPE NCC _might_ reclaim the improperly allocated resources whereas Section B.1.e says quite clearly that RIPE NCC "will" reclaim the resources. Again, my question is: Was this difference in wording intentional and deliberate? Or was it inadvertant and unintended? Regards, rfg From sander at steffann.nl Sun Feb 10 01:07:26 2013 From: sander at steffann.nl (Sander Steffann) Date: Sun, 10 Feb 2013 01:07:26 +0100 Subject: [anti-abuse-wg] Reclamation/AAWG charter (was: Re: Allocation of number resources) In-Reply-To: <5959.1360441714@tristatelogic.com> References: <5959.1360441714@tristatelogic.com> Message-ID: Hi, > Not being a member of the WG myself, it is reasonable to assume, I think, that I would not be at all a proper person to make a motion to modify the charter in the manner described. I nontheless hope that some member in good standing will see fit to do so. You're wrong there: if you are on this mailing list then you are part of the WG. There is no formal membership or anything like that. Just people working together. You don't have to be the one to make a motion to modify the charter, but feel free to do so if you want to. Cheers, Sander From brian.nisbet at heanet.ie Mon Feb 11 16:14:45 2013 From: brian.nisbet at heanet.ie (Brian Nisbet) Date: Mon, 11 Feb 2013 15:14:45 +0000 Subject: [anti-abuse-wg] Reclamation/current policy In-Reply-To: <6000.1360442004@tristatelogic.com> References: <6000.1360442004@tristatelogic.com> Message-ID: <51190AE5.8040107@heanet.ie> Ronald, Ronald F. Guilmette wrote the following on 09/02/2013 20:33: > In message <5116686A.8020208 at heanet.ie>, > Brian Nisbet wrote: > >> Ronald F. Guilmette wrote, On 08/02/2013 20:07: >>> >>> It would appear that a newer revision of this document exists: >>> >>> https://www.ripe.net/ripe/docs/ripe-541 >> >> Sorry, my mistake, I picked the wrong version. 541 has also been updated: >> >> https://www.ripe.net/ripe/docs/ripe-578 >> >> Can you just check your questions still apply to this version? > > Yes, they still do apply. > > I would still like to know why Section B.1.b apparently says that RIPE > NCC _might_ reclaim the improperly allocated resources whereas Section > B.1.e says quite clearly that RIPE NCC "will" reclaim the resources. > > Again, my question is: Was this difference in wording intentional and > deliberate? Or was it inadvertant and unintended? If the NCC, who authored the document, don't come along and answer soon, I'll take it up with them directly. Brian From rfg at tristatelogic.com Tue Feb 12 01:39:49 2013 From: rfg at tristatelogic.com (Ronald F. Guilmette) Date: Mon, 11 Feb 2013 16:39:49 -0800 Subject: [anti-abuse-wg] Fradulent Companies Obtaining Resources Message-ID: <4523.1360629589@server1.tristatelogic.com> Given that I recently reported here a group of fradulent Romanian companies that had managed to obtain resources... for application to less-than-honorable goals... this recent news story seems both timely and apropos: http://www.theregister.co.uk/2013/02/05/digitally_signed_banking_trojan/ From rfg at tristatelogic.com Tue Feb 12 07:43:50 2013 From: rfg at tristatelogic.com (Ronald F. Guilmette) Date: Mon, 11 Feb 2013 22:43:50 -0800 Subject: [anti-abuse-wg] Reclamation/AAWG charter (was: Re: Allocation of number resources) In-Reply-To: Message-ID: <45422.1360651430@server1.tristatelogic.com> In message , Sander Steffann wrote: >rfg wrote: >> Not being a member of the WG myself, it is reasonable to assume, I >>think, that I would not be at all a proper person to make a motion to >>modify the charter in the manner described. I nontheless hope that some >>member in good standing will see fit to do so. > > >You're wrong there: if you are on this mailing list then you are part of >the WG. There is no formal membership or anything like that. Just people >working together. You don't have to be the one to make a motion to >modify the charter, but feel free to do so if you want to. Very well. Please consider it so moved. Again, for clarity, the proposal is that the formal charter of this group be amended to include language which states explicitly that this group may (or shall) work towards the goal, among others, of seeing to it that the use and/or registration of any and all forms of Internet number resources shall be denied to any and all parties engaging in abuse of the Internet. Regards, rfg P.S. Of course, if there is neither unanimity, or a majority, nor even a plurality, in and among this group, or in and among the RIPE membership as a whole, that can come to agreement on any definition whatsoever of the term "abuse of the Internet", however minimalist or uncontroversial, then the above proposal, even if generally accepted, would be utterly meaningless. If there is no generally agreed notion of "abuse" then by definition there are no parties who would be generally agress to be abusers, and thus, no one to whom this group could or should work to deny number resources. (I believe that I saw it asserted here earlier that, even as of this late date, there is no general agreement, within this group or within the RIPE membership as a whole as to what things might or do constitute "abuse of the Internet". If that is correct, then offhand I would have to say that arriving at some common understanding of that term could be, would be, and should be the first order of business for this group, above all else. I mean what's the point of having an "anti abuse" group if nobody even knows for sure what "abuse" is?) From peter at hk.ipsec.se Tue Feb 12 08:18:57 2013 From: peter at hk.ipsec.se (peter h) Date: Tue, 12 Feb 2013 08:18:57 +0100 Subject: [anti-abuse-wg] Reclamation/AAWG charter (was: Re: Allocation of number resources) In-Reply-To: <45422.1360651430@server1.tristatelogic.com> References: <45422.1360651430@server1.tristatelogic.com> Message-ID: <201302120818.58387.peter@hk.ipsec.se> On Tuesday 12 February 2013 07.43, Ronald F. Guilmette wrote: > > In message , > Sander Steffann wrote: > > >rfg wrote: > >> Not being a member of the WG myself, it is reasonable to assume, I > >>think, that I would not be at all a proper person to make a motion to > >>modify the charter in the manner described. I nontheless hope that some > >>member in good standing will see fit to do so. > > > > > >You're wrong there: if you are on this mailing list then you are part of > >the WG. There is no formal membership or anything like that. Just people > >working together. You don't have to be the one to make a motion to > >modify the charter, but feel free to do so if you want to. > > Very well. Please consider it so moved. > > Again, for clarity, the proposal is that the formal charter of this group > be amended to include language which states explicitly that this group > may (or shall) work towards the goal, among others, of seeing to it that > the use and/or registration of any and all forms of Internet number resources > shall be denied to any and all parties engaging in abuse of the Internet. > > > Regards, > rfg > > > P.S. Of course, if there is neither unanimity, or a majority, nor even > a plurality, in and among this group, or in and among the RIPE membership > as a whole, that can come to agreement on any definition whatsoever of > the term "abuse of the Internet", however minimalist or uncontroversial, > then the above proposal, even if generally accepted, would be utterly > meaningless. If there is no generally agreed notion of "abuse" then by > definition there are no parties who would be generally agress to be abusers, > and thus, no one to whom this group could or should work to deny number > resources. > > (I believe that I saw it asserted here earlier that, even as of this late > date, there is no general agreement, within this group or within the > RIPE membership as a whole as to what things might or do constitute > "abuse of the Internet". If that is correct, then offhand I would have > to say that arriving at some common understanding of that term could be, > would be, and should be the first order of business for this group, above > all else. I mean what's the point of having an "anti abuse" group if > nobody even knows for sure what "abuse" is?) Wrong ! Sending Spam ( unsolicited massmail ) has been unacceptable since 1985 and was once punished with "Internet Deathpenalty"( isolation ). Today Spam seems to be ignored since we pay dearly for mechanical ways of filtering, with varying success. Still Spam is not even a crime in many countries, and in others like sweden it's not really investigated nor punished. Spam is in addition to marketing purposes sometimes used as a vehicle for fraud or virus but it's still Spam. Why don't we do something against it ??? > > -- Peter H?kanson There's never money to do it right, but always money to do it again ... and again ... and again ... and again. ( Det ?r billigare att g?ra r?tt. Det ?r dyrt att laga fel. ) From brian.nisbet at heanet.ie Tue Feb 12 09:35:49 2013 From: brian.nisbet at heanet.ie (Brian Nisbet) Date: Tue, 12 Feb 2013 08:35:49 +0000 Subject: [anti-abuse-wg] Reclamation/AAWG charter (was: Re: Allocation of number resources) In-Reply-To: <45422.1360651430@server1.tristatelogic.com> References: <45422.1360651430@server1.tristatelogic.com> Message-ID: <5119FEE5.8050800@heanet.ie> Ronald F. Guilmette wrote the following on 12/02/2013 06:43: > In message , > Sander Steffann wrote: > >> rfg wrote: >>> Not being a member of the WG myself, it is reasonable to assume, I >>> think, that I would not be at all a proper person to make a motion to >>> modify the charter in the manner described. I nontheless hope that some >>> member in good standing will see fit to do so. >> >> >> You're wrong there: if you are on this mailing list then you are part of >> the WG. There is no formal membership or anything like that. Just people >> working together. You don't have to be the one to make a motion to >> modify the charter, but feel free to do so if you want to. > > Very well. Please consider it so moved. > > Again, for clarity, the proposal is that the formal charter of this group > be amended to include language which states explicitly that this group > may (or shall) work towards the goal, among others, of seeing to it that > the use and/or registration of any and all forms of Internet number resources > shall be denied to any and all parties engaging in abuse of the Internet. Ok. The more precise any wording changes can be made, the better, and I'm more than willing to help with this. We can also probably work on the above. > P.S. Of course, if there is neither unanimity, or a majority, nor even > a plurality, in and among this group, or in and among the RIPE membership > as a whole, that can come to agreement on any definition whatsoever of > the term "abuse of the Internet", however minimalist or uncontroversial, > then the above proposal, even if generally accepted, would be utterly > meaningless. If there is no generally agreed notion of "abuse" then by > definition there are no parties who would be generally agress to be abusers, > and thus, no one to whom this group could or should work to deny number > resources. I've seen various definitions of "abuse of the Internet" from various different parties and, indeed, the conversations over definitions have been both fruitless and lengthy. > (I believe that I saw it asserted here earlier that, even as of this late > date, there is no general agreement, within this group or within the > RIPE membership as a whole as to what things might or do constitute > "abuse of the Internet". If that is correct, then offhand I would have > to say that arriving at some common understanding of that term could be, > would be, and should be the first order of business for this group, above > all else. I mean what's the point of having an "anti abuse" group if > nobody even knows for sure what "abuse" is?) See above, although I suspect we could add some examples to the non-exhaustive list already on the charter, which was the intent when it was written. That may be as close as we get. Brian Co-Chair, AA-WG From athina.fragkouli at ripe.net Tue Feb 12 09:49:20 2013 From: athina.fragkouli at ripe.net (Athina Fragkouli) Date: Tue, 12 Feb 2013 09:49:20 +0100 Subject: [anti-abuse-wg] Reclamation/current policy (was: Re: Allocation of number resources) In-Reply-To: <511A008A.1010402@ripe.net> References: <511A008A.1010402@ripe.net> Message-ID: <511A0210.8020708@ripe.net> Dear colleagues, We would like to address the matter raised about the "Closure of Member and Deregistration of Internet Number Resources" procedural document (ripe-578), and in particular the following sections: - B.1.1.b Invalidity of original allocation/assignment criteria Internet number resources are allocated/assigned based on a specific need. When the original technical requirements or the business purpose for the use of the Internet number resources change, the allocation/ assignment becomes invalid. If the RIPE NCC notices any change in the original technical criteria or the original business purposes for using the Internet number resources, the RIPE NCC is authorised to deregister the relevant Internet number resources. - B.1.1.e Fraudulent request If a Member has submitted a fraudulent request for an allocation or an Independent resource (for example, by providing incorrect purpose/need or falsified information about the network, etc.), the RIPE NCC will deregister the relevant records. In section B.1.1.b "the RIPE NCC is authorised to deregister the relevant Internet number resources" whereas in section B.1.1.e "the RIPE NCC will deregister the relevant records". There is indeed a difference in the way we handle these two cases. Section B.1.1.b describes two cases: a) Assignments: Assignments are justified by a specific technical need. If the RIPE NCC finds that the original assignment criteria are no longer valid, we are authorised to deregister the assignment. In most cases when the original criteria are not longer valid, however, the reason is that the business of the end user has changed, and while the original criteria are no longer valid, there is still a valid technical need for address space. In such cases, we normally evaluate the "new" justification and update our records because deregistering one assignment while at the same time registering a new one is an unnecessary bureaucratic exercise. b) Allocations: Allocations never have a specific technical need as justification. An allocation is a block that is reserved for an LIR to make assignments out of. As such, the justification for an allocation is the business the LIR operates, which requires them to make assignments. Only when an LIR ceases to operate the business that requires it to make assignments would the allocation become invalid. But if the allocation is based on a fraudulent request (section B.1.1.e), this is clearly an offense. The RIPE NCC will certainly deregister the resources if there is evidence that the request was based on falsified information. Kind regards, Athina Fragkouli RIPE NCC > *From: *"Ronald F. Guilmette" > > *Subject: **[anti-abuse-wg] Reclamation/current policy (was: Re: > Allocation of number resources)* > *Date: *February 9, 2013 9:33:24 PM GMT+01:00 > *To: *anti-abuse-wg at ripe.net > > > In message <5116686A.8020208 at heanet.ie>, > Brian Nisbet > > wrote: > >> Ronald F. Guilmette wrote, On 08/02/2013 20:07: >>> >>> It would appear that a newer revision of this document exists: >>> >>> https://www.ripe.net/ripe/docs/ripe-541 >> >> Sorry, my mistake, I picked the wrong version. 541 has also been updated: >> >> https://www.ripe.net/ripe/docs/ripe-578 >> >> Can you just check your questions still apply to this version? > > Yes, they still do apply. > > I would still like to know why Section B.1.b apparently says that RIPE > NCC _might_ reclaim the improperly allocated resources whereas Section > B.1.e says quite clearly that RIPE NCC "will" reclaim the resources. > > Again, my question is: Was this difference in wording intentional and > deliberate? Or was it inadvertant and unintended? > > > Regards, > rfg > From rfg at tristatelogic.com Wed Feb 13 00:07:29 2013 From: rfg at tristatelogic.com (Ronald F. Guilmette) Date: Tue, 12 Feb 2013 15:07:29 -0800 Subject: [anti-abuse-wg] Reclamation/AAWG charter (was: Re: Allocation of number resources) In-Reply-To: <201302120818.58387.peter@hk.ipsec.se> Message-ID: <50376.1360710449@server1.tristatelogic.com> In message <201302120818.58387.peter at hk.ipsec.se>, peter h wrote: >> (I believe that I saw it asserted here earlier that, even as of this late >> date, there is no general agreement, within this group or within the >> RIPE membership as a whole as to what things might or do constitute >> "abuse of the Internet". If that is correct, then offhand I would have >> to say that arriving at some common understanding of that term could be, >> would be, and should be the first order of business for this group, above >> all else. I mean what's the point of having an "anti abuse" group if >> nobody even knows for sure what "abuse" is?) > >Wrong ! >Sending Spam ( unsolicited massmail ) has been unacceptable since 1985 and >was >once punished with "Internet Deathpenalty"( isolation ). > >Today Spam seems to be ignored since we pay dearly for mechanical ways of f >iltering, >with varying success. Still Spam is not even a crime in many countries, and > in >others like sweden it's not really investigated nor punished. > >Spam is in addition to marketing purposes sometimes used as a vehicle for f >raud or virus >but it's still Spam. > >Why don't we do something against it ??? I am not at all sure who, exactly, you were adressing your comments to. If you had intended them for me... well... all I can say is that you are attempting to sell your point of view to the Wrong Guy. Personally, I was already convinced quite a long time ago that spam is an awful scourge, and I've personally done much over the past 18 years to try to thwart it, and those who send it... more than most, I do believe. Regards, rfg From rfg at tristatelogic.com Wed Feb 13 00:25:36 2013 From: rfg at tristatelogic.com (Ronald F. Guilmette) Date: Tue, 12 Feb 2013 15:25:36 -0800 Subject: [anti-abuse-wg] Reclamation/AAWG charter (was: Re: Allocation of number resources) In-Reply-To: <5119FEE5.8050800@heanet.ie> Message-ID: <50510.1360711536@server1.tristatelogic.com> In message <5119FEE5.8050800 at heanet.ie>, Brian Nisbet wrote: >Ronald F. Guilmette wrote the following on 12/02/2013 06:43: >> Again, for clarity, the proposal is that the formal charter of this group >> be amended to include language which states explicitly that this group >> may (or shall) work towards the goal, among others, of seeing to it that >> the use and/or registration of any and all forms of Internet number resource >s >> shall be denied to any and all parties engaging in abuse of the Internet. > >Ok. The more precise any wording changes can be made, the better, and >I'm more than willing to help with this. We can also probably work on >the above. Thank you for your willingness to help. >> P.S. Of course, if there is neither unanimity, or a majority, nor even >> a plurality, in and among this group, or in and among the RIPE membership >> as a whole, that can come to agreement on any definition whatsoever of >> the term "abuse of the Internet", however minimalist or uncontroversial, >> then the above proposal, even if generally accepted, would be utterly >> meaningless. If there is no generally agreed notion of "abuse" then by >> definition there are no parties who would be generally agress to be abusers, >> and thus, no one to whom this group could or should work to deny number >> resources. > >I've seen various definitions of "abuse of the Internet" from various >different parties and, indeed, the conversations over definitions have >been both fruitless and lengthy. My assumption is that at the end, there must have been at least _some_ agreement with regards to at least a minimalist definition of the term "Internet abuse". Elsewise, I would guess that this WG would have been utterly disbanded by now, you know, for lack of direction. >> (I believe that I saw it asserted here earlier that, even as of this late >> date, there is no general agreement, within this group or within the >> RIPE membership as a whole as to what things might or do constitute >> "abuse of the Internet". If that is correct, then offhand I would have >> to say that arriving at some common understanding of that term could be, >> would be, and should be the first order of business for this group, above >> all else. I mean what's the point of having an "anti abuse" group if >> nobody even knows for sure what "abuse" is?) > >See above, although I suspect we could add some examples to the >non-exhaustive list already on the charter, which was the intent when it >was written. That may be as close as we get. Speaking of "the charter"... I had refered to this earlier, I confess, without even having seen it myself. I just assumed that some such thing must necessarily exist somewhere, in writing. Bu I am searching for it now, online, and I'm not finding what I think I am looking for. Sincerely I must ask: Is that my own fault? (Maybe Google just simply isn't taking me to the Right Places.) I found this page: http://www.ripe.net/ripe/groups/wg/anti-abuse but nothing on that seems to either contain or refer to any explicit WG charter. The above page does however, curiously, contain a link to an apparently now defunct WG, whose page _does_ contain an explicit written charter: http://www.ripe.net/ripe/groups/inactive-working-groups/anti-spam-working-group Am I missing something? Regards, rfg From brian.nisbet at heanet.ie Wed Feb 13 09:46:03 2013 From: brian.nisbet at heanet.ie (Brian Nisbet) Date: Wed, 13 Feb 2013 08:46:03 +0000 Subject: [anti-abuse-wg] Reclamation/AAWG charter (was: Re: Allocation of number resources) In-Reply-To: <50510.1360711536@server1.tristatelogic.com> References: <50510.1360711536@server1.tristatelogic.com> Message-ID: <511B52CB.10801@heanet.ie> Ronald F. Guilmette wrote the following on 12/02/2013 23:25: > In message <5119FEE5.8050800 at heanet.ie>, > Brian Nisbet wrote: > >> Ronald F. Guilmette wrote the following on 12/02/2013 06:43: > >>> P.S. Of course, if there is neither unanimity, or a majority, nor even >>> a plurality, in and among this group, or in and among the RIPE membership >>> as a whole, that can come to agreement on any definition whatsoever of >>> the term "abuse of the Internet", however minimalist or uncontroversial, >>> then the above proposal, even if generally accepted, would be utterly >>> meaningless. If there is no generally agreed notion of "abuse" then by >>> definition there are no parties who would be generally agress to be abusers, >>> and thus, no one to whom this group could or should work to deny number >>> resources. >> >> I've seen various definitions of "abuse of the Internet" from various >> different parties and, indeed, the conversations over definitions have >> been both fruitless and lengthy. > > My assumption is that at the end, there must have been at least _some_ > agreement with regards to at least a minimalist definition of the term > "Internet abuse". Elsewise, I would guess that this WG would have been > utterly disbanded by now, you know, for lack of direction. Minimalist definitions, yes, but we have found it useful to not try to pin things down too much as that widens the scope of what we can talk about and doesn't alienate sections of the community. >>> (I believe that I saw it asserted here earlier that, even as of this late >>> date, there is no general agreement, within this group or within the >>> RIPE membership as a whole as to what things might or do constitute >>> "abuse of the Internet". If that is correct, then offhand I would have >>> to say that arriving at some common understanding of that term could be, >>> would be, and should be the first order of business for this group, above >>> all else. I mean what's the point of having an "anti abuse" group if >>> nobody even knows for sure what "abuse" is?) >> >> See above, although I suspect we could add some examples to the >> non-exhaustive list already on the charter, which was the intent when it >> was written. That may be as close as we get. > > Speaking of "the charter"... > > I had refered to this earlier, I confess, without even having seen it myself. > I just assumed that some such thing must necessarily exist somewhere, in > writing. > > Bu I am searching for it now, online, and I'm not finding what I think I > am looking for. Sincerely I must ask: Is that my own fault? (Maybe > Google just simply isn't taking me to the Right Places.) > > I found this page: > > http://www.ripe.net/ripe/groups/wg/anti-abuse The main text of that page is the WG Charter. It may be useful to be more explicit on this, but that is the charter. Brian From emadaio at ripe.net Thu Feb 14 15:05:23 2013 From: emadaio at ripe.net (Emilio Madaio) Date: Thu, 14 Feb 2013 15:05:23 +0100 Subject: [anti-abuse-wg] 2013-01 New Policy Proposal (Openness about Policy Violations) Message-ID: Dear Colleagues, A new RIPE Policy Proposal has been made and is now available for discussion. You can find the full proposal at: https://www.ripe.net/ripe/policies/proposals/2013-01 We encourage you to review this proposal and send your comments to before 14 March 2013. Regards Emilio Madaio Policy Development Officer RIPE NCC From sander at steffann.nl Fri Feb 15 22:23:38 2013 From: sander at steffann.nl (Sander Steffann) Date: Fri, 15 Feb 2013 22:23:38 +0100 Subject: [anti-abuse-wg] [ncc-services-wg] 2013-01 New Policy Proposal (Openness about Policy Violations) In-Reply-To: <20130215155108.GA14735@cilantro.c4inet.net> References: <511E1E3C.5060808@heanet.ie> <20130215155108.GA14735@cilantro.c4inet.net> Message-ID: <2867B0B4-0EED-4031-9EDC-59C57169FCD9@steffann.nl> Hi Sascha, > Utterly and completely unacceptable. The proposal, in its current form, is akin to the police publishing every complaint they receive, with full details of the subject of the complaint, whether justified or not. I also note that is "The identity of the submitter, if the submitter indicated that it can be made public;" No such protection is afforded the subject of the complaint. Fair point. But would you really give any value to an anonymous report that is marked as closed,no-violation? > This proposal is nothing but a denunciant's charter, the legality of which is doubtful (NCC Legal please to comment). The idea that publishing these reports makes abuse of the reporting system less likely - where the attack *is* the publishing of these reports - is laughable. > > I therefore register my vehement opposition and, indeed, protest against this proposal in its current form. As a possible compromise, I could accept the publication of reports where the NCC has found that a violation was indeed committed. Publishing nothing at all would not be acceptable to me. Letting the RIPE NCC do some 'spam filtering' before publishing anything would not be a problem, but waiting until the complaint is completely resolved would not make the process more visible. A big problem I have with reporting something to the police is that you never see if action has been taken, and that gives the feeling that reporting is useless, even when it is not. I want to change that. How about initially only publishing: - Date submitted; - The resources the report is about; - The identity of the submitter, if the submitter indicated that it can be made public; - The current state. The exact content of the report is not the most important part to me. Then (for example) if someone was then sending in bogus complaints about my IPv4 allocation the only published information would be: - 2013-04-01 - 37.77.56.0/21 - Anonymous submitter - closed,no-violation Not that exciting... Cheers, Sander From sander at steffann.nl Sat Feb 16 13:47:45 2013 From: sander at steffann.nl (Sander Steffann) Date: Sat, 16 Feb 2013 13:47:45 +0100 Subject: [anti-abuse-wg] [ncc-services-wg] 2013-01 New Policy Proposal (Openness about Policy Violations) In-Reply-To: <20130215223843.GA15924@cilantro.c4inet.net> References: <511E1E3C.5060808@heanet.ie> <20130215155108.GA14735@cilantro.c4inet.net> <2867B0B4-0EED-4031-9EDC-59C57169FCD9@steffann.nl> <20130215223843.GA15924@cilantro.c4inet.net> Message-ID: Hi Sascha, > How would you feel if the cops published lists like: > > -Sander Stefann > -complaint for kiddiepr0n > -anonymous submitter > -being investigated ? > > That sort of stuff sticks and never goes away even if it is subsequently > found to be bullshit. Sorry, but you are pulling this whole discussion out of context and proportion. > Nope, no way, not unless a violation is determined - akin to being found > guilty in a court of law. > > Also, the identity of the submitter MUST be published even in this case. > No anonymity for snitches, the Stasi wasn't *that* long ago Ok, and this even more so. I am ending this thread right now. Sander From jorgen at hovland.cx Sat Feb 16 15:14:33 2013 From: jorgen at hovland.cx (Jørgen Hovland) Date: 16 Feb 2013 14:14:33 +0000 (GMT) Subject: [anti-abuse-wg] [ncc-services-wg] 2013-01 New Policy Proposal(Openness about Policy Violations) Message-ID: <511f94494b2c86fad70021d06255.jorgen@hovland.cx> An HTML attachment was scrubbed... URL: From erik at bais.name Sat Feb 16 17:52:22 2013 From: erik at bais.name (Erik Bais) Date: Sat, 16 Feb 2013 16:52:22 +0000 Subject: [anti-abuse-wg] 2013-01 New Policy Proposal (Openness about Policy Violations) In-Reply-To: References: Message-ID: <862A73D42343AE49B2FC3C32FDDFE91C204D41E2@e2010-mbx-c1n1.exchange2010.nl> Hi Sander, I think I understand the intent of the proposal, however I would think I would want a bit more reluctant in going overboard on the transparency. What I read in the proposal is that you want to know if you made a complained, that you want to know the status, steps taken etc. However until that is processed (resources revoked), is it required to have it published publicly? I don't think so, especially to avoid slander as the form of attack by anonymous complainers. If someone complains about someone/somebody/resource, should it not be a better way to have that status info between the complainer, the owner of the resource / object and RIPE ? Especially if you want to make sure that everyone involved is updated about the status. That could be done behind a RIPE NCC account, where the owner of the resource can see who has complained and the complainer can see the status or a ticket status system with a unique ID per entry and a pin number for added safety. If there are things that are not correct and resources are revoked, it could be listed somewhere that the resource was revoked based on a violation of the policy, with a key-word indicating why (incorrect contact details or contact lost, returned or policy violation etc. ) Investigated complains, which are processed but no violation, should be communicated back to the complainer, but not posted publicly imho. The idea of publicly publishing entries about certain resource (holders) based on anonymous complains is something I don't like. Yes I think I understand why one would want to be anonymous in certain cases, but if we are going to publish that kind of data, it should only be the actual problems and not all open and closed cases. Regards, Erik Bais From sander at steffann.nl Sat Feb 16 19:17:54 2013 From: sander at steffann.nl (Sander Steffann) Date: Sat, 16 Feb 2013 19:17:54 +0100 Subject: [anti-abuse-wg] 2013-01 New Policy Proposal (Openness about Policy Violations) In-Reply-To: <862A73D42343AE49B2FC3C32FDDFE91C204D41E2@e2010-mbx-c1n1.exchange2010.nl> References: <862A73D42343AE49B2FC3C32FDDFE91C204D41E2@e2010-mbx-c1n1.exchange2010.nl> Message-ID: Hi Erik, > I think I understand the intent of the proposal, however I would think I would want a bit more reluctant in going overboard on the transparency. > > What I read in the proposal is that you want to know if you made a complained, that you want to know the status, steps taken etc. Correct > However until that is processed (resources revoked), is it required to have it published publicly? I don't think so, especially to avoid slander as the form of attack by anonymous complainers. > > If someone complains about someone/somebody/resource, should it not be a better way to have that status info between the complainer, the owner of the resource / object and RIPE ? Especially if you want to make sure that everyone involved is updated about the status. Ok > That could be done behind a RIPE NCC account, where the owner of the resource can see who has complained and the complainer can see the status or a ticket status system with a unique ID per entry and a pin number for added safety. I still would like to give complainers the option not to have their identity published. That option already exists today and I don't want to remove it. If someone wants to comlain about i.e. a criminal organisation I can understand their need to remain anonymous (at least publicly) > If there are things that are not correct and resources are revoked, it could be listed somewhere that the resource was revoked based on a violation of the policy, with a key-word indicating why (incorrect contact details or contact lost, returned or policy violation etc. ) That is in the proposed 'returned' file. > Investigated complains, which are processed but no violation, should be communicated back to the complainer, but not posted publicly imho. That would be an acceptable compromise for me. > The idea of publicly publishing entries about certain resource (holders) based on anonymous complains is something I don't like. > Yes I think I understand why one would want to be anonymous in certain cases, but if we are going to publish that kind of data, it should only be the actual problems and not all open and closed cases. I still want to have a bit more openness than that. I see that we'll never get consensus on publishing all reports. I wanted to see where the limits are, and publishing everything seems to go too far :-) I want to suggest the following direction for this proposal: Change section 1 (1. Transparency on reported policy violations) to: - RIPE NCC publishes statistics on complaints/reports (number of complaints in each state: new, under investigation, etc) - RIPE NCC provides a way for the complainer and resource holder to see the progress, keeping the currently existing privacy options And leave section 2 (2. Transparency on reclaimed resources) as it currently is. I haven't seen any objections to that part yet. Thanks, Sander From erik at bais.name Sat Feb 16 20:33:33 2013 From: erik at bais.name (Erik Bais) Date: Sat, 16 Feb 2013 19:33:33 +0000 Subject: [anti-abuse-wg] 2013-01 New Policy Proposal (Openness about Policy Violations) In-Reply-To: References: <862A73D42343AE49B2FC3C32FDDFE91C204D41E2@e2010-mbx-c1n1.exchange2010.nl> Message-ID: <862A73D42343AE49B2FC3C32FDDFE91C204D42E8@e2010-mbx-c1n1.exchange2010.nl> Hi Sander, > > That could be done behind a RIPE NCC account, where the owner of the resource can see who has complained and the complainer can see the status or a ticket status system with a unique ID per entry and a pin number for added safety. > I still would like to give complainers the option not to have their identity published. That option already exists today and I don't want to remove it. If someone wants to comlain about i.e. a criminal organisation I can understand their need to remain anonymous (at least publicly) As I said in my email, I understand the requirement for anonymous communication (so that basically removes the option of using a RIPE NCC account :-) ), however one should also take their own safety in mind and the fact that in case of harassment or abuse, the RIPE NCC might get forced by court to disclose all information like: - mail information - Source IP address(es) - (IP address) log information from the whois db for certain searches - date / timestamps etc. and other things that might provide insight in certain disclosing the identity of a certain complainer. It should be stated clearly to the complainer that information won't be disclosed willingly, but that the RIPE NCC has to act according to local law and that it might have to disclose information based on a court ruling. Regards, Erik Bais From sander at steffann.nl Sat Feb 16 20:56:09 2013 From: sander at steffann.nl (Sander Steffann) Date: Sat, 16 Feb 2013 20:56:09 +0100 Subject: [anti-abuse-wg] 2013-01 New Policy Proposal (Openness about Policy Violations) In-Reply-To: <862A73D42343AE49B2FC3C32FDDFE91C204D42E8@e2010-mbx-c1n1.exchange2010.nl> References: <862A73D42343AE49B2FC3C32FDDFE91C204D41E2@e2010-mbx-c1n1.exchange2010.nl> <862A73D42343AE49B2FC3C32FDDFE91C204D42E8@e2010-mbx-c1n1.exchange2010.nl> Message-ID: <80252CD0-A063-4804-9EFB-3C26CCCEA18A@steffann.nl> Hi Erik, > It should be stated clearly to the complainer that information won't be disclosed willingly, but that the RIPE NCC has to act according to local law and that it might have to disclose information based on a court ruling. I am sure the NCC legal department can take care of the necessary procedures for this :-) Thanks, Sander From sander at steffann.nl Sat Feb 16 23:44:24 2013 From: sander at steffann.nl (Sander Steffann) Date: Sat, 16 Feb 2013 23:44:24 +0100 Subject: [anti-abuse-wg] [ncc-services-wg] 2013-01 New Policy Proposal (Openness about Policy Violations) In-Reply-To: References: <511E1E3C.5060808@heanet.ie> <20130215155108.GA14735@cilantro.c4inet.net> <2867B0B4-0EED-4031-9EDC-59C57169FCD9@steffann.nl> <20130215223843.GA15924@cilantro.c4inet.net> Message-ID: Hi all, >> Nope, no way, not unless a violation is determined - akin to being found >> guilty in a court of law. >> >> Also, the identity of the submitter MUST be published even in this case. >> No anonymity for snitches, the Stasi wasn't *that* long ago > > Ok, and this even more so. I am ending this thread right now. Ok, that was probably too strong. I do want this discussion to take place. I wrote this first version of the policy proposal for maximum openness. And I see the potential risks with openly publishing complaints. I want the community to determine where the limits are in regard to publishing complaints etc. I didn't really expect everyone to agree to the current text. But I did not expect such language and comparisons on this list, and it shocked me. As one of the proposers I ask you to please participate in a constructive discussion here to see what is possible and desirable and what is not. Thank you, Sander From brian.nisbet at heanet.ie Sun Feb 17 17:23:50 2013 From: brian.nisbet at heanet.ie (Brian Nisbet) Date: Sun, 17 Feb 2013 16:23:50 +0000 Subject: [anti-abuse-wg] [ncc-services-wg] 2013-01 New Policy Proposal (Openness about Policy Violations) In-Reply-To: <20130215223843.GA15924@cilantro.c4inet.net> References: <511E1E3C.5060808@heanet.ie> <20130215155108.GA14735@cilantro.c4inet.net> <2867B0B4-0EED-4031-9EDC-59C57169FCD9@steffann.nl> <20130215223843.GA15924@cilantro.c4inet.net> Message-ID: <51210416.3040706@heanet.ie> Sascha, On 15/02/2013 22:38, Sascha Luck wrote: > > How would you feel if the cops published lists like: > > -Sander Stefann > > That sort of stuff sticks and never goes away even if it is subsequently > found to be bullshit. You are making your point quite clearly, there is no need to make comparisons like that, especially, as we all know, things have a way of being taken out of context and hanging around the Internet forever. > > Also, the identity of the submitter MUST be published even in this case. > No anonymity for snitches, the Stasi wasn't *that* long ago Equally, let's not make leaps like this either. Make your objections in a sensible, logical way, which I'm sure you're capable of doing, please. Brian Co-Chair, AA-WG From peter at hk.ipsec.se Sun Feb 17 20:19:05 2013 From: peter at hk.ipsec.se (peter h) Date: Sun, 17 Feb 2013 20:19:05 +0100 Subject: [anti-abuse-wg] [ncc-services-wg] 2013-01 New Policy Proposal(Openness about Policy Violations) In-Reply-To: <511f94494b2c86fad70021d06255.jorgen@hovland.cx> References: <511f94494b2c86fad70021d06255.jorgen@hovland.cx> Message-ID: <201302172019.06396.peter@hk.ipsec.se> On Saturday 16 February 2013 15.14, J??rgen Hovland wrote: >
>> The idea that publishing these reports makes abuse of the reporting system less likely - where the attack *is* the publishing of these reports - is laughable.

I prefer not to get my name published on the web referencing something negative like that. 
There are reasons why unverified complaints should never be published in detail: Collateral damage is one. 

>> As a possible compromise, I could accept the publication of reports where the NCC has found that a violation was indeed committed.

Yes, perhaps. I still don't want my name in there.


>> A big problem I have with reporting something to the police is that you never see if action has been taken, and that gives the feeling that reporting is useless, even when it is not.


I believe the right to privacy is mentioned in the constitution.  Even for criminals.


Cheers,


> At 21:23 15/02/2013 (UTC), Sander Steffann wrote:
Could someone resend this in text form ??html is considered "for spammers only"
> Not that exciting...
>
> Cheers,
> Sander
>
>
>
>
> > > -- Peter H?kanson There's never money to do it right, but always money to do it again ... and again ... and again ... and again. ( Det ?r billigare att g?ra r?tt. Det ?r dyrt att laga fel. ) From brian.nisbet at heanet.ie Sun Feb 17 21:13:49 2013 From: brian.nisbet at heanet.ie (Brian Nisbet) Date: Sun, 17 Feb 2013 20:13:49 +0000 Subject: [anti-abuse-wg] [ncc-services-wg] 2013-01 New Policy Proposal (Openness about Policy Violations) In-Reply-To: References: <511E1E3C.5060808@heanet.ie> <20130215155108.GA14735@cilantro.c4inet.net> <2867B0B4-0EED-4031-9EDC-59C57169FCD9@steffann.nl> <20130215223843.GA15924@cilantro.c4inet.net> <51210416.3040706@heanet.ie> Message-ID: <512139FD.3030504@heanet.ie> On 17/02/2013 19:00, Randy Bush wrote: > this proposal was alarmingly ill-advised. castigating sascha for being > alarming does little except bring it to a personal level. I felt this had already been brought to a personal level. I was asking that reasonable arguments, of which I'm quite sure Sascha has many, be used, rather than things that a lot of people would feel went a little far. My intent is to discuss the proposal, not the proposers. Let us assume the best of intentions on all parts and leave it at that? Brian From rfg at tristatelogic.com Sun Feb 17 23:57:03 2013 From: rfg at tristatelogic.com (Ronald F. Guilmette) Date: Sun, 17 Feb 2013 14:57:03 -0800 Subject: [anti-abuse-wg] [ncc-services-wg] 2013-01 New Policy Proposal (Openness about Policy Violations) In-Reply-To: <512139FD.3030504@heanet.ie> Message-ID: <19210.1361141823@server1.tristatelogic.com> I just wanted to comment briefly on the proposal now under consideration. I would have interjected quite a lot of follow-up comments on all of the comments that have been made here so far about this, but I've been tied up on other critical projects for the past several days. I don't want anybody to get the idea that I don't care about the proposal at hand. I do, passionately, but I have rather a different take on it, I think, than what I've seen expressed by others so far. The point has been made that publishing (or re-publishing) baseless accusations is un-good. There probably won't be a lot of disagreement on that general point. But more generally I think it has to be recognized that when it comes to the dispersal of information... accurate or otherwise... the Internet is, and is likely to remain, very much the Wild Wild West, and in the final analysis, there is not all that much that can be done about most of the baseless slander that occurs on the Internet every day. I'll just cite two cases in point. The first is ripped from recent headlines: http://www.usatoday.com/story/news/nation/2013/02/06/go-daddy-sued-over-revenge-porn-site/1897695/ The general opinion among legal experts... with which I concur... is that under current U.S. law GoDaddy, despite having itself hosted a web site featuring "revenge" nude photos of ex-girlfriends, is not in any way liable for that. The ladies who have been offended by the web site in question may indeed have suffered deep anguish, but they will need to seek redress for those grievances elsewhere. Second, I remember clearly that quite a number of years ago now I par- ticipated, along with countless others, in a USENET newsgroup called news.admin.net-abuse.email. Back at that time, one of the most colorful and unambiguously demented denizens of that newsgroup was a fellow going by the name of "Dr. Grubor". So anyway, long story short, Dr. Grubor, publically and in the neswgroup, called me a paedophile. Of course, there was no basis whatsoever for his accusation, and I was understandably outraged. I was preparing to initiate legal action over Dr. Grubor's outrageous slander, and would probably have done so if I had not realized, in sort order, that Dr. Grubor had already accused about 80% of the other newsgroup participants of being paedophiles, before he even got around to calling me one. Given this reality, and that fact that Dr. Grubor's only remaining shreads of credibility were with the small handful of other seriously ill newsgroup participants, in the end I thought better of wasting my time and money pursuing legal damages against a nutcase that no one of any importance took seriously anyway. All the above having been said, there are just two simple points I want to make. First, as illustrated by the above two anecdotes, it isn't really prag- matically possible, here in the "information age", to stop people from spreading hurtful material and/or bald faced lies about one, or about one's company. Second, whereas I agree completely that there should exist, somewhere, an unfiltered uncensored place where people can post what they know, or even what they believe they know about various Internet number resources (and by implication, about the entities to which those have been assigned) I am not persuaded that either RIPE or any other RiR either could be or should be either the sponsors or the adminitsrators of any such web site. Rather, I am coming around to the opinion that this kind of function necessarily must be performed by, and must be under the control of some- one or something that is distinctly _not_ connected, financially or otherwise, to any of the RiRs, to IANA, to ICANN, or to the U.S. Department of Commerce (from which, the authority and the responsibility of all of thes other entities ultimately devolves). I think that this whole discussion (and the proposal at hand) came up, at least in part, because not everyone believes that RIPE is actively policing the resources it is the ultimate steward of, without either fear or favor. Additionally, the completely lack of transparancy with respect to such policing certainly contributes mightily to fostering that exact viewpoint. However I doubt that asking, demaning, or directing RIPE itself to be more transparent about these matters is likely to provide an actual solution to the perceived credibility gap. A reference to foxes and henhouses may be appropriate here. If, at the direction of the membership, RIPE NCC began publishing _some_ information, would anyone ever feel 100% confident that they were publishing _all_ relevant infor- mation? I wouldn't, but then I am suspicious by nature. Separately, there is indeed a legal liability issue inherent in this whole idea that cannot just be swept under the carpet. I rather doubt that there is much in the way of a constituency, within the RIPE membership, that is eager for RIPE NCC to go around wlly-nilly, sticking its neck into the proverbial legal noose by publishing, or re-publishing potentially actionable defamations. Defending the indefensible, perhaps at considerable financial cost, is not something I see as being on either RIPE's or RIPE NCC's agenda anytime soon. Journalism, for better or worse, is just not within the fundamental purpose of these organizations, and I think that it will be hard to find many RIPE member organizations who are eager to have their annual fees increased in order to support a high-priced legal defense team. For the reasons given above, at the present moment I believe that it must necessarily fall to some outside and unrelated person, entity, or organization to publish, without fear or favor, negative information about Internet number resources and the parties to whom those have been assigned. I am currently contemplating whether or not I myself want to be that publisher. So far, I am not favorably disposed to getting involved. The problem is that quite a lot of work would be involved, I think, in order to do a proper job, and I actually had a number of other things that I wanted to do this lifetime. Maybe if I could find two or three willing and able volunteers to help in the construction and deployment of a simple web site... Regards, rfg From sander at steffann.nl Mon Feb 18 07:55:22 2013 From: sander at steffann.nl (Sander Steffann) Date: Mon, 18 Feb 2013 07:55:22 +0100 Subject: [anti-abuse-wg] [ncc-services-wg] 2013-01 New Policy Proposal (Openness about Policy Violations) In-Reply-To: <20130217213302.GB24726@cilantro.c4inet.net> References: <511E1E3C.5060808@heanet.ie> <20130215155108.GA14735@cilantro.c4inet.net> <2867B0B4-0EED-4031-9EDC-59C57169FCD9@steffann.nl> <20130215223843.GA15924@cilantro.c4inet.net> <20130217213302.GB24726@cilantro.c4inet.net> Message-ID: Hi Sascha, >> I didn't really expect everyone to agree to the current text. But I did >> not expect such language and comparisons on this list, and it shocked >> me. As one of the proposers I ask you to please participate in a >> constructive discussion here to see what is possible and desirable and >> what is not. > > if you were under the impression I was attacking you personally, I > apologize, that was not my intent. [...] Thanks. Let's start focussing on the proposal again :-) > as for what is possible, I've thought more on it and have formend the > opinion that the only thing out of it, I could accept, is publication > of the fects if a complaint was upheld *and* resources removed for > cause. Your comment is still focused on one aspect of the draft text, but you haven't responded yet to any alternatives I proposed. The last one was the one I sent on Saturday: I want to suggest the following direction for this proposal: Change section 1 (1. Transparency on reported policy violations) to: - RIPE NCC publishes statistics on complaints/reports (number of complaints in each state: new, under investigation, etc) - RIPE NCC provides a way for the complainer and resource holder to see the progress, keeping the currently existing privacy options And leave section 2 (2. Transparency on reclaimed resources) as it currently is. I haven't seen any objections to that part yet. Please focus on this suggestion now. It is obvious that we are never getting consensus on the 'old' text :-) Thanks, Sander From kai at rhynn.net Fri Feb 15 20:13:56 2013 From: kai at rhynn.net (kai) Date: Fri, 15 Feb 2013 23:13:56 +0400 Subject: [anti-abuse-wg] where do i report fraudulent AS? Message-ID: Hello, where should I report fraudulent AS(Autonomous Systems), which are announcing mainly cybercriminal hosting subnetworks? sorry if i'm posting to wrong maillist. Cheers, Kai From lists-ripe at c4inet.net Fri Feb 15 16:51:08 2013 From: lists-ripe at c4inet.net (Sascha Luck) Date: Fri, 15 Feb 2013 15:51:08 +0000 Subject: [anti-abuse-wg] [ncc-services-wg] Fwd: 2013-01 New Policy Proposal (Openness about Policy Violations) In-Reply-To: <511E1E3C.5060808@heanet.ie> References: <511E1E3C.5060808@heanet.ie> Message-ID: <20130215155108.GA14735@cilantro.c4inet.net> On Fri, Feb 15, 2013 at 11:38:36AM +0000, Brian Nisbet wrote: >The following policy '2013-01 Openness about Policy Violations' >started it's trip through the PDP yesterday. While the discussions on >this proposal will take place in the Anti-Abuse working group, I just >wanted to make sure this WG was aware as there are obvious >implications for NCC processes & procedures. Utterly and completely unacceptable. The proposal, in its current form, is akin to the police publishing every complaint they receive, with full details of the subject of the complaint, whether justified or not. I also note that is "The identity of the submitter, if the submitter indicated that it can be made public;" No such protection is afforded the subject of the complaint. This proposal is nothing but a denunciant's charter, the legality of which is doubtful (NCC Legal please to comment). The idea that publishing these reports makes abuse of the reporting system less likely - where the attack *is* the publishing of these reports - is laughable. I therefore register my vehement opposition and, indeed, protest against this proposal in its current form. As a possible compromise, I could accept the publication of reports where the NCC has found that a violation was indeed committed. Regards, Sascha Luck From lists-ripe at c4inet.net Fri Feb 15 23:38:43 2013 From: lists-ripe at c4inet.net (Sascha Luck) Date: Fri, 15 Feb 2013 22:38:43 +0000 Subject: [anti-abuse-wg] [ncc-services-wg] 2013-01 New Policy Proposal (Openness about Policy Violations) In-Reply-To: <2867B0B4-0EED-4031-9EDC-59C57169FCD9@steffann.nl> References: <511E1E3C.5060808@heanet.ie> <20130215155108.GA14735@cilantro.c4inet.net> <2867B0B4-0EED-4031-9EDC-59C57169FCD9@steffann.nl> Message-ID: <20130215223843.GA15924@cilantro.c4inet.net> Hi Sander, On Fri, Feb 15, 2013 at 10:23:38PM +0100, Sander Steffann wrote: >Fair point. But would you really give any value to an anonymous report >that is marked as closed,no-violation? I might not, others might - or draw inferences from the fact that there are complaints and the number thereof. Even if they are marked as closed/no violation. >Publishing nothing at all would not be acceptable to me. Letting the >RIPE NCC do some 'spam filtering' before publishing anything would not >be a problem, but waiting until the complaint is completely resolved >would not make the process more visible. A big problem I have with >reporting something to the police is that you never see if action has >been taken, and that gives the feeling that reporting is useless, even >when it is not. I want to change that. It is like that for a reason - which is "in dubio pro reo" or "innocent until proven guilty" The police will (in most places) only publish anything if they arrest or charge anyone, and *never* the identity "a male, aged 34 was arrested". Everything else would be considered libel/slander here and media have been sued, and been sentenced to pay large sums of money, for disclosing stuff ike that. How would you feel if the cops published lists like: -Sander Stefann -complaint for kiddiepr0n -anonymous submitter -being investigated ? That sort of stuff sticks and never goes away even if it is subsequently found to be bullshit. >How about initially only publishing: - Date submitted; - The resources >the report is about; - The identity of the submitter, if the submitter >indicated that it can be made public; - The current state. Nope, no way, not unless a violation is determined - akin to being found guilty in a court of law. Also, the identity of the submitter MUST be published even in this case. No anonymity for snitches, the Stasi wasn't *that* long ago >Not that exciting... It'll be exciting when the membership fees go up to pay for the libel convictions the NCC will have to pay for... cheers, Sascha From lists-ripe at c4inet.net Sun Feb 17 22:23:58 2013 From: lists-ripe at c4inet.net (Sascha Luck) Date: Sun, 17 Feb 2013 21:23:58 +0000 Subject: [anti-abuse-wg] [ncc-services-wg] 2013-01 New Policy Proposal (Openness about Policy Violations) In-Reply-To: <51210416.3040706@heanet.ie> References: <511E1E3C.5060808@heanet.ie> <20130215155108.GA14735@cilantro.c4inet.net> <2867B0B4-0EED-4031-9EDC-59C57169FCD9@steffann.nl> <20130215223843.GA15924@cilantro.c4inet.net> <51210416.3040706@heanet.ie> Message-ID: <20130217212358.GA24726@cilantro.c4inet.net> Hi Brian, On Sun, Feb 17, 2013 at 04:23:50PM +0000, Brian Nisbet wrote: >>That sort of stuff sticks and never goes away even if it is subsequently >>found to be bullshit. > >You are making your point quite clearly, there is no need to make >comparisons like that, especially, as we all know, things have a way >of being taken out of context and hanging around the Internet >forever. which was part of the point I'm making. Making accusations - which complaints about policy violations essentially are - public is asking for them to be tried in the court of public opinion. cheers, Sascha Luck From lists-ripe at c4inet.net Sun Feb 17 22:33:02 2013 From: lists-ripe at c4inet.net (Sascha Luck) Date: Sun, 17 Feb 2013 21:33:02 +0000 Subject: [anti-abuse-wg] [ncc-services-wg] 2013-01 New Policy Proposal (Openness about Policy Violations) In-Reply-To: References: <511E1E3C.5060808@heanet.ie> <20130215155108.GA14735@cilantro.c4inet.net> <2867B0B4-0EED-4031-9EDC-59C57169FCD9@steffann.nl> <20130215223843.GA15924@cilantro.c4inet.net> Message-ID: <20130217213302.GB24726@cilantro.c4inet.net> Hi Sander, On Sat, Feb 16, 2013 at 11:44:24PM +0100, Sander Steffann wrote: >I didn't really expect everyone to agree to the current text. But I did >not expect such language and comparisons on this list, and it shocked >me. As one of the proposers I ask you to please participate in a >constructive discussion here to see what is possible and desirable and >what is not. if you were under the impression I was attacking you personally, I apologize, that was not my intent. I am quite alarmed by the proposal though, and I don't think my comparisons are that off either, considering the area of resource management having become a lot more competitive, as opposed to, co-operative since ipv4 depletion. as for what is possible, I've thought more on it and have formend the opinion that the only thing out of it, I could accept, is publication of the fects if a complaint was upheld *and* resources removed for cause. The reason being that RIPE policy is often ambiguous and contradictory, so a policy violation might simply be the result of a mis-interpretation, difference of opinion or bureaucratic slip-up. Dragging that into the court of public opinion serves nobody, except perhaps a malicious complainant. cheers, Sascha Luck > >Thank you, Sander > From randy at psg.com Sun Feb 17 20:00:37 2013 From: randy at psg.com (Randy Bush) Date: Mon, 18 Feb 2013 04:00:37 +0900 Subject: [anti-abuse-wg] [ncc-services-wg] 2013-01 New Policy Proposal (Openness about Policy Violations) In-Reply-To: <51210416.3040706@heanet.ie> References: <511E1E3C.5060808@heanet.ie> <20130215155108.GA14735@cilantro.c4inet.net> <2867B0B4-0EED-4031-9EDC-59C57169FCD9@steffann.nl> <20130215223843.GA15924@cilantro.c4inet.net> <51210416.3040706@heanet.ie> Message-ID: this proposal was alarmingly ill-advised. castigating sascha for being alarming does little except bring it to a personal level. randy From rezaf at mindspring.com Mon Feb 18 13:29:42 2013 From: rezaf at mindspring.com (Reza Farzan) Date: Mon, 18 Feb 2013 07:29:42 -0500 (GMT-05:00) Subject: [anti-abuse-wg] where do i report fraudulent AS? Message-ID: <15921236.1361190582594.JavaMail.root@elwamui-rustique.atl.sa.earthlink.net> Hello Kai, You may want to use this useful site, http://spamlinks.net/track-report-addresses.htm, first. There, you will find many links that may assist you. Reza Farzan ***** -----Original Message----- >From: kai >Sent: Feb 15, 2013 2:13 PM >To: anti-abuse-wg at ripe.net >Subject: [anti-abuse-wg] where do i report fraudulent AS? > >Hello, > >where should I report fraudulent AS(Autonomous Systems), which are >announcing mainly cybercriminal hosting subnetworks? > >sorry if i'm posting to wrong maillist. > > >Cheers, > >Kai > From pk at DENIC.DE Mon Feb 18 13:32:03 2013 From: pk at DENIC.DE (Peter Koch) Date: Mon, 18 Feb 2013 13:32:03 +0100 Subject: [anti-abuse-wg] 2013-01 New Policy Proposal (Openness about Policy Violations) In-Reply-To: References: <511E1E3C.5060808@heanet.ie> <20130215155108.GA14735@cilantro.c4inet.net> <2867B0B4-0EED-4031-9EDC-59C57169FCD9@steffann.nl> <20130215223843.GA15924@cilantro.c4inet.net> <20130217213302.GB24726@cilantro.c4inet.net> Message-ID: <20130218123203.GP27968@x28.adm.denic.de> Sander, all, On Mon, Feb 18, 2013 at 07:55:22AM +0100, Sander Steffann wrote: > Thanks. Let's start focussing on the proposal again :-) for the record, so that there's not only one voice against, I share Sascha's concerns. The proposal fails to assess the risk of 'sticking rumor' and also fails to explain what the exact goal is (actually, there might be two radically orthogonal ones) and why the proposed measures would support that goal. > Your comment is still focused on one aspect of the draft text, but you haven't responded yet to any alternatives I proposed. The last one was the one I sent on Saturday: > > I want to suggest the following direction for this proposal: > Change section 1 (1. Transparency on reported policy violations) to: > - RIPE NCC publishes statistics on complaints/reports (number of complaints in each state: new, under investigation, etc) > - RIPE NCC provides a way for the complainer and resource holder to see the progress, keeping the currently existing privacy options > > And leave section 2 (2. Transparency on reclaimed resources) as it currently is. I haven't seen any objections to that part yet. > > Please focus on this suggestion now. It is obvious that we are never getting consensus on the 'old' text :-) I see two motivations in the PP: 1) alleged or perceived intransparency on 'complaint' handling at the NCC As curious as I might be myself, I fail to see why a complainant would deserve deeper insight into the state of investigation than anybody else or why this should happen in public. As an NCC oversight issue, a summary that will not identify any particular case, should be sufficient if it included start, end and duration. 2) "stopping abuse of these shared public resources" This really concerns me, but maybe by even only doubting I have already committed the abuse? We can surely discuss violations of allocation/assignment policies, especially the obtainment of resources by wilful submisison of wrong, forged or falsified information, but this is much different from any judgement about the use of tehse resources once they have been compliantly acquired. The NCC is not in the business of the latter. -Peter From lists-ripe at c4inet.net Mon Feb 18 15:27:33 2013 From: lists-ripe at c4inet.net (Sascha Luck) Date: Mon, 18 Feb 2013 14:27:33 +0000 Subject: [anti-abuse-wg] [ncc-services-wg] 2013-01 New Policy Proposal (Openness about Policy Violations) In-Reply-To: References: <511E1E3C.5060808@heanet.ie> <20130215155108.GA14735@cilantro.c4inet.net> <2867B0B4-0EED-4031-9EDC-59C57169FCD9@steffann.nl> <20130215223843.GA15924@cilantro.c4inet.net> <20130217213302.GB24726@cilantro.c4inet.net> Message-ID: <20130218142733.GA29670@cilantro.c4inet.net> On Mon, Feb 18, 2013 at 07:55:22AM +0100, Sander Steffann wrote: >I want to suggest the following direction for this proposal: Change >section 1 (1. Transparency on reported policy violations) to: - RIPE >NCC publishes statistics on complaints/reports (number of complaints in >each state: new, under investigation, etc) No issue with anonymised statistics. Actually I thought this was done already - might have been a presentation at one of the meetings I remember... > - RIPE NCC provides a way >for the complainer and resource holder to see the progress, keeping the >currently existing privacy options possibly, I'll have to think on this some more. >And leave section 2 (2. Transparency on reclaimed resources) as it >currently is. I haven't seen any objections to that part yet. "policy violation" is likely to catch some honest mistakes or changed circumstances. I'd be in favour of publishing this only if the resources were reclaimed because of a conscious act (fraudulent registration, falsified (as opposed to merely incorrect) information) cheers, Sascha Luck From sander at steffann.nl Mon Feb 18 15:53:32 2013 From: sander at steffann.nl (Sander Steffann) Date: Mon, 18 Feb 2013 15:53:32 +0100 Subject: [anti-abuse-wg] [ncc-services-wg] 2013-01 New Policy Proposal (Openness about Policy Violations) In-Reply-To: <20130218142733.GA29670@cilantro.c4inet.net> References: <511E1E3C.5060808@heanet.ie> <20130215155108.GA14735@cilantro.c4inet.net> <2867B0B4-0EED-4031-9EDC-59C57169FCD9@steffann.nl> <20130215223843.GA15924@cilantro.c4inet.net> <20130217213302.GB24726@cilantro.c4inet.net> <20130218142733.GA29670@cilantro.c4inet.net> Message-ID: Hi Sascha, > "policy violation" is likely to catch some honest mistakes or changed > circumstances. I'd be in favour of publishing this only if the resources > were reclaimed because of a conscious act (fraudulent registration, > falsified (as opposed to merely incorrect) information) The file lists recources returned to the NCC, so the file only lists policy violations if they lead to reclaiming the address space. (It only lists returned resources, and it will only mention a policy violation if that is the reason behind reclaiming them) I think it already matches what you say. If not: please explain what you want to see changed. Cheers, Sander From LIR at bva.bund.de Mon Feb 18 16:01:40 2013 From: LIR at bva.bund.de (LIR (BIT A 5)) Date: Mon, 18 Feb 2013 15:01:40 +0000 Subject: [anti-abuse-wg] WG: 2013-01 New Policy Proposal (Openness about Policy Violations) In-Reply-To: References: Message-ID: To prevent abuse and to give the holder a fair chance to resolve any policy violation before the report is published there has to be a time for a reply of four weeks. If the holder has resolved all problems before expiration of the deadline, the report is not published. Best regards Carsten Br?ckner -------------- next part -------------- An HTML attachment was scrubbed... URL: From Carsten.Brueckner at bva.bund.de Mon Feb 18 15:52:54 2013 From: Carsten.Brueckner at bva.bund.de (=?iso-8859-1?Q?Br=FCckner=2C_Carsten_=28BIT_A_5=29?=) Date: Mon, 18 Feb 2013 14:52:54 +0000 Subject: [anti-abuse-wg] 2013-01 New Policy Proposal (Openness about Policy Violations) Message-ID: To prevent abuse and to give the holder a fair chance to resolve any policy violation before the report is published there has to be a time for a reply of four weeks. If the holder has resolved all problems before expiration of the deadline, the report is not published. Best regards Carsten Br?ckner -------------- next part -------------- An HTML attachment was scrubbed... URL: From maildanrl at gmail.com Tue Feb 19 17:47:57 2013 From: maildanrl at gmail.com (Dan Luedtke) Date: Tue, 19 Feb 2013 17:47:57 +0100 Subject: [anti-abuse-wg] WG: 2013-01 New Policy Proposal (Openness about Policy Violations) In-Reply-To: References: Message-ID: Hi all, (citing from the proposal) > The RIPE NCC will handle all such reports and update the state accordingly. What I miss, is a state like 'closed, violation took place, ressource not (yet) returned' Otherwise it looks like the whole "returning" comes down to listing the ressource in the 'returned'-file. What happens if the ressource holder is "guilty" but does not want to return the ressources? Does returning mean, we all stop peering/announcing/whatever with the listed ressources? How can we re-allocate the ressources, when someone still uses it (against the ruling of RIPE NCC)? These questions are more technically, because I haven't understood fully how the whole process is meant to work. For the sake of transparency, I'd like to see - Date submitted; - The resources the report is about; - A short summary from RIPE NCC (2-3 lines) [not the initial report] published for alle reports that have the state 'closed,resources-returned'. Furthermore, if the ressource holder agrees, we should publish 'closed,no violation', 'closed,out of scope', 'closed,resolved by holder' reports, too. Just to make sure that subsequent reports will not report the same issue again and again. Best regards Dan -- Dan Luedtke http://www.danrl.de From mir at ripe.net Tue Feb 19 15:36:58 2013 From: mir at ripe.net (Mirjam Kuehne) Date: Tue, 19 Feb 2013 15:36:58 +0100 Subject: [anti-abuse-wg] New on RIPE Labs: Finding Abuse Contact Information Using RIPEstat Message-ID: <51238E0A.3010602@ripe.net> [apologies for duplicates] Dear colleagues, We implemented a new widget in RIPEstat that allows you to find abuse contact information registered in the RIPE Database. Please find more information on RIPE Labs: https://labs.ripe.net/Members/cteusche/finding-anti-abuse-contact-information-with-ripestat Kind regards, Mirjam Kuehne RIPE NCC From michele at blacknight.com Thu Feb 21 00:42:07 2013 From: michele at blacknight.com (Michele Neylon :: Blacknight) Date: Wed, 20 Feb 2013 23:42:07 +0000 Subject: [anti-abuse-wg] New on RIPE Labs: Finding Abuse Contact Information Using RIPEstat In-Reply-To: <20130219170707.814965A400F@merlin.blacknight.ie> References: <20130219170707.814965A400F@merlin.blacknight.ie> Message-ID: Mirjam Handy tool Question - how do you arrive at the rating? Checking some of our IPs we get 3 out of 4 stars, so I'm curious why :) Regards Michele -- Mr Michele Neylon Blacknight Solutions Hosting & Colocation, Brand Protection http://www.blacknight.com/ http://blog.blacknight.com/ http://mneylon.tel/ Intl. +353 (0) 59 9183072 Locall: 1850 929 929 Direct Dial: +353 (0)59 9183090 Fax. +353 (0) 1 4811 763 Twitter: http://twitter.com/mneylon ------------------------------- Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,Ireland Company No.: 370845 ________________________________________ From: anti-abuse-wg-bounces at ripe.net [anti-abuse-wg-bounces at ripe.net] on behalf of Mirjam Kuehne [mir at ripe.net] Sent: 19 February 2013 14:36 To: anti-abuse-wg at ripe.net Subject: [anti-abuse-wg] New on RIPE Labs: Finding Abuse Contact Information Using RIPEstat [apologies for duplicates] Dear colleagues, We implemented a new widget in RIPEstat that allows you to find abuse contact information registered in the RIPE Database. Please find more information on RIPE Labs: https://labs.ripe.net/Members/cteusche/finding-anti-abuse-contact-information-with-ripestat Kind regards, Mirjam Kuehne RIPE NCC From david at mailplus.nl Thu Feb 21 09:28:51 2013 From: david at mailplus.nl (MailPlus| David Hofstee) Date: Thu, 21 Feb 2013 09:28:51 +0100 Subject: [anti-abuse-wg] New on RIPE Labs: Finding Abuse Contact Information Using RIPEstat In-Reply-To: References: <20130219170707.814965A400F@merlin.blacknight.ie> Message-ID: <78C35D6C1A82D243B830523B4193CF5F5E940B4EFF@SBS1.blinker.local> The link is on the page: https://labs.ripe.net/Members/cteusche/finding-anti-abuse-contact-information-with-ripestat#How%20the%20widget%20works%20internally -----Oorspronkelijk bericht----- Van: anti-abuse-wg-bounces at ripe.net [mailto:anti-abuse-wg-bounces at ripe.net] Namens Michele Neylon :: Blacknight Verzonden: donderdag 21 februari 2013 00:42 Aan: Mirjam Kuehne; anti-abuse-wg at ripe.net Onderwerp: Re: [anti-abuse-wg] New on RIPE Labs: Finding Abuse Contact Information Using RIPEstat Mirjam Handy tool Question - how do you arrive at the rating? Checking some of our IPs we get 3 out of 4 stars, so I'm curious why :) Regards Michele -- Mr Michele Neylon Blacknight Solutions Hosting & Colocation, Brand Protection http://www.blacknight.com/ http://blog.blacknight.com/ http://mneylon.tel/ Intl. +353 (0) 59 9183072 Locall: 1850 929 929 Direct Dial: +353 (0)59 9183090 Fax. +353 (0) 1 4811 763 Twitter: http://twitter.com/mneylon ------------------------------- Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,Ireland Company No.: 370845 ________________________________________ From: anti-abuse-wg-bounces at ripe.net [anti-abuse-wg-bounces at ripe.net] on behalf of Mirjam Kuehne [mir at ripe.net] Sent: 19 February 2013 14:36 To: anti-abuse-wg at ripe.net Subject: [anti-abuse-wg] New on RIPE Labs: Finding Abuse Contact Information Using RIPEstat [apologies for duplicates] Dear colleagues, We implemented a new widget in RIPEstat that allows you to find abuse contact information registered in the RIPE Database. Please find more information on RIPE Labs: https://labs.ripe.net/Members/cteusche/finding-anti-abuse-contact-information-with-ripestat Kind regards, Mirjam Kuehne RIPE NCC From mir at ripe.net Thu Feb 21 10:00:27 2013 From: mir at ripe.net (Mirjam Kuehne) Date: Thu, 21 Feb 2013 10:00:27 +0100 Subject: [anti-abuse-wg] New on RIPE Labs: Finding Abuse Contact Information Using RIPEstat In-Reply-To: References: <20130219170707.814965A400F@merlin.blacknight.ie> Message-ID: <5125E22B.7030101@ripe.net> Dear Michele, Thanks for your mail. I am glad you find this tool useful. 3 stars means we found an abuse email address for the resource/prefix you are looking for. But the address was not listed in an abuse-mailbox attribute (that would show 4 stars), but somewhere else, for instance in the remarks field. More details about the ratings are explained in the article on RIPE Labs (and also under 'info the widget itself). I hope this answers your question. If you have any other questions, please let me know. Kind regards, Mirjam Kuehne RIPE NCC On 21/2/13 12:42 AM, Michele Neylon :: Blacknight wrote: > Mirjam > > Handy tool > > Question - how do you arrive at the rating? Checking some of our IPs we get 3 out of 4 stars, so I'm curious why :) > > Regards > > Michele > -- > Mr Michele Neylon > Blacknight Solutions > Hosting & Colocation, Brand Protection > http://www.blacknight.com/ > http://blog.blacknight.com/ > http://mneylon.tel/ > Intl. +353 (0) 59 9183072 > Locall: 1850 929 929 > Direct Dial: +353 (0)59 9183090 > Fax. +353 (0) 1 4811 763 > Twitter: http://twitter.com/mneylon > ------------------------------- > Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty > Road,Graiguecullen,Carlow,Ireland Company No.: 370845 > > ________________________________________ > From: anti-abuse-wg-bounces at ripe.net [anti-abuse-wg-bounces at ripe.net] on behalf of Mirjam Kuehne [mir at ripe.net] > Sent: 19 February 2013 14:36 > To: anti-abuse-wg at ripe.net > Subject: [anti-abuse-wg] New on RIPE Labs: Finding Abuse Contact Information Using RIPEstat > > [apologies for duplicates] > > Dear colleagues, > > We implemented a new widget in RIPEstat that allows you to find abuse > contact information registered in the RIPE Database. Please find more > information on RIPE Labs: > > https://labs.ripe.net/Members/cteusche/finding-anti-abuse-contact-information-with-ripestat > > Kind regards, > Mirjam Kuehne > RIPE NCC > From Woeber at CC.UniVie.ac.at Thu Feb 21 18:17:25 2013 From: Woeber at CC.UniVie.ac.at (Wilfried Woeber) Date: Thu, 21 Feb 2013 18:17:25 +0100 Subject: [anti-abuse-wg] where do i report fraudulent AS? In-Reply-To: References: Message-ID: <512656A5.6080204@CC.UniVie.ac.at> kai wrote: > Hello, > > where should I report fraudulent AS(Autonomous Systems), which are > announcing mainly cybercriminal hosting subnetworks? Depending on what type of "cyber crime"[1] you are referring to, where the victims are located, where the "service" is operated or offered, and what your own jurisdiction is - my advice would be to report to your local Law Enforcement and/or Telekom Regulator and/or the National CERT or CSIRT[2]. It can - in some countries/regions - also be useful to report to transit and/or up-stream ISPs, and/or to their National CERTs. > sorry if i'm posting to wrong maillist. > > > Cheers, > > Kai Wilfried. [1] there is no globally consistent definition of cyber crime :-( [2] Computer Emergency Response Team, Computer Security Incident Response Team From Woeber at CC.UniVie.ac.at Fri Feb 22 13:33:25 2013 From: Woeber at CC.UniVie.ac.at (Wilfried Woeber) Date: Fri, 22 Feb 2013 13:33:25 +0100 Subject: [anti-abuse-wg] Reclamation/AAWG charter (was: Re: Allocation of number resources) In-Reply-To: <45422.1360651430@server1.tristatelogic.com> References: <45422.1360651430@server1.tristatelogic.com> Message-ID: <51276595.9080703@CC.UniVie.ac.at> Ronald F. Guilmette wrote: [...] > (I believe that I saw it asserted here earlier that, even as of this late > date, there is no general agreement, within this group or within the > RIPE membership as a whole as to what things might or do constitute > "abuse of the Internet". If that is correct, then offhand I would have > to say that arriving at some common understanding of that term could be, > would be, and should be the first order of business for this group, above > all else. I mean what's the point of having an "anti abuse" group if > nobody even knows for sure what "abuse" is?) I think you just made the case for dissolving the AAWG, :-) under *your* assumption that the Community on the Internet will be able to come up with a *unified definition* and *central management* of "abuse of the Internet". Wilfried.