[anti-abuse-wg] New Abuse Information on RIPE NCC Website
- Previous message (by thread): [anti-abuse-wg] New Abuse Information on RIPE NCC Website
- Next message (by thread): [anti-abuse-wg] New Abuse Information on RIPE NCC Website
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Suresh Ramasubramanian
ops.lists at gmail.com
Wed Jun 26 16:31:26 CEST 2013
Consider, if you will, a domain that has absolutely no "content", but is the command and control for a fast flux botnet. Which has been the case with both the latvian as well as austrian cctld cases. On Jun 26, 2013 7:52 PM, "Frank Gadegast" <ripe-anti-spam-wg at powerweb.de> wrote: > Suresh Ramasubramanian wrote: > > Just want to note, that domainnames themself cant be > dangerous (of course using a similar name could cos > problems with trademarks and the like). > > Its only the content thats dangerous, eMail or webpage. > So its more a problem of the people running the services > and these are either hacked sites or ISPs tolerating > or deliberatly hosting this content. > > Asking a TLD registry to remove domainnames because > of pishing its then somehow to wrong place to start, > specially for Spamhaus, they should know better and > simply place all those IPs on their lists ... > > > BTW: > just found the service "Google Safe Browsing Alerts > for Network Administrators" where every AS owner can > register under > http://www.google.com/**safebrowsing/alerts/<http://www.google.com/safebrowsing/alerts/> > to receive notification about doubtful content > Google might find, when spidering your network. > > This could be pretty usefull to remove pishing > and hacked sites for pretty quick. > > > > Kind regards, Frank > > There are of course multiple sides to that story as well. >> >> Like a massive infestation of rock phish domains which, too, were >> knowingly disregarding local law, and were present in rather massive >> quantities on the .at ccTLD at that time. >> >> http://www.spamhaus.org/**organization/statement/7/<http://www.spamhaus.org/organization/statement/7/> >> >> --srs >> >> On Wednesday, June 26, 2013, Wilfried Woeber wrote: >> >> Erik Bais wrote: >> [...] >> > For those that want to read up on what actually happened on that >> specific >> > incident in Latvia (July/August 2010), have a read on the >> following open >> > letter from CERT.lv >> > >> > https://cert.lv/uploads/**uploads/OpenLetter.pdf<https://cert.lv/uploads/uploads/OpenLetter.pdf> >> >> And this actually wasn't the only or the first "incident" with >> Spamhaus. >> They also tried similer *piep*^Wbullying against NIC.at before. >> >> Which actually has discredited Spamhaus in my personal opinion for >> sure, >> for knowingly disregarding local law, but that's slightly OT here - >> but >> maybe not... >> >> > Erik Bais >> >> Wilfried. >> >> >> >> -- >> --srs (iPad) >> > > > -------------- next part -------------- An HTML attachment was scrubbed... URL: <https://lists.ripe.net/ripe/mail/archives/anti-abuse-wg/attachments/20130626/67178ebc/attachment.html>
- Previous message (by thread): [anti-abuse-wg] New Abuse Information on RIPE NCC Website
- Next message (by thread): [anti-abuse-wg] New Abuse Information on RIPE NCC Website
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]