[anti-abuse-wg] VERIFIED[.]IS
- Previous message (by thread): [anti-abuse-wg] VERIFIED[.]IS
- Next message (by thread): [anti-abuse-wg] VERIFIED[.]IS
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Sergey
gforgx at fotontel.ru
Tue Aug 9 22:36:44 CEST 2016
Hi again, Ron! First of all thank you for all your contributions to this list - I personally (as I stated before) use to null-route prefixes you report. I don't intend to recommend this sort of policy to everyone - this is just my company's routing policy. Some others (even large backbones) even use Spamhaus's DROP lists which I don't trust. I think what we all need is some RIPE-managed database to list such prefixes and NCC-appointed persons to approve them as 'rogue' if there was enough evidence provided. Such a database may be provided by means of DNSBL and BGP feed. Such a database can be *voluntarily* used by those ISPs who are commited to keeping Internet clean of UBE, DDoS, spoofing, and so on and so forth. This would be a good community-driven alternative to commercial DNSBLs, DROPs, etc. On 08/09/16 22:53, Ronald F. Guilmette wrote: > I see that there is an interesting and active discussion on this now. > Everyone may be sure that I will be posting further comments shortly > which clarify my personal position on all the matters discussed so far. > > In the meantime however, I just realized that I neglected to clarify > how I came to find that VERIFIED[.]IS web site in the first place. > > It may not be at all important, but just so everyone knows, I found > that VERIFIED[.]IS indirectly. First, I stumbled onto the following > web site, which is clearly selling credit cards *and* also (U.S.) > social security numbers (SSNs) and dates-of-birth (DOBs). (You can > even pick out which U.S. state you prefer!) These bits of information > are often helpful to people intent on committing identity theft: > > http://www.wellsfargo.lequeshop[.]ru/ > > As you can see, there is an email address on the above page. It is > <mixx at exploit.im>. I simply googled that email address and then > started to visit the web sites found. > > One of them was verified[.]is > > But this criminal carder ... who seems to be Russian... is also active > on many other web sites, presumably selling what he has to offer in > many different forums. > > > Regards, > rfg > -- Kind regards, CTO at *Foton Telecom CJSC* Tel.: +7 (499) 679-99-99 AS42861 on PeeringDB <http://as42861.peeringdb.com/>, Qrator <https://radar.qrator.net/as42861>, BGP.HE.NET <http://bgp.he.net/AS42861> http://ipv6actnow.org/ <%0Ahttp://ipv6actnow.org/> -------------- next part -------------- An HTML attachment was scrubbed... URL: <https://lists.ripe.net/ripe/mail/archives/anti-abuse-wg/attachments/20160809/551c0a3e/attachment.html>
- Previous message (by thread): [anti-abuse-wg] VERIFIED[.]IS
- Next message (by thread): [anti-abuse-wg] VERIFIED[.]IS
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]