Search RPD Archives
Limit search to: Subject & Body Subject Author
Sort by:

[rpd] Mass Hijacking of AFRINIC IPv4 Space by U.S.A. Spammers

Andrew Alston Andrew.Alston at liquidtelecom.com
Fri Nov 18 00:06:39 UTC 2016 

Ronald, dear dear Ronald,

Let me educate you a little bit.

Firstly:

a.) You have come onto this list demanding that someone do SOMETHING... lets stop and talk about that for half a second.

Firstly - AfriNIC is powerless to act in this case - because without the consent of the people holding the space there is nothing they can do, and the space is legacy space, they may or may not even have contact with those people.
Secondly, you demand that SOMEONE ON THIS LIST must give a damn, let's look at this - is this a case of when someone in the states asks me if, because I live in Africa, I know their brother Joe soap who lives in Nigeria on the other side of the continent? Or is this just some bizarre form of you assigning collective responsibility to the entire continent for the actions of a third party based out of what looks like the Netherlands?  Tell me something, do I get to hold every American living for the nuclear bombing of Hiroshima?
Thirdly - Let's look at the actions people on this list can actually take.  Firstly - there is no evidence that there is not an LOA between the space holders and those ASN's.  If there IS, it is a matter of contract between the two parties, and even if AfriNIC were to go to AS260 and the ASN's beneath it and request to see the LOA's under which they announced that space, they may or may not get it - and there would be no recourse. The only person who could confidently deny the existence of an LOA would be original space holders, and since it is legacy space, AfriNIC may or may not even have a way to contact these people.  I can tell you right now, that if I am originating space under LOA from a third party -  and I was asked for a copy of it by anyone who I had not been granted express permission to share it with, I would tell third party to go back to source.
Now since you've applied some weird form of collective responsibility to this list - let us talk about the actions any member on this list can take outside of AfriNIC - since they have NO mandate to act in this situation.  Oh wait, any action that I can take - you can take - there is not a DAMN thing I can do that you can't, because in both cases we would be acting as external third parties outside of the transactions.

Now, as for your comments about the audit policy - please - get real - 2 hours ago I actually predicted to someone on Skype that that line was coming. 

 LET ME BE VERY CLEAR:  YOU MAY HAVE A CASE IF ANY OF THE SPACE YOU REFERRED TO WOULD BE BOUND BY THAT POLICY - IT WOULD NOT.  THAT POLICY WOULD NOT BIND A SINGLE ONE OF THE HOLDERS OF THIS SPACE BECAUSE IT IS LEGACY AND OUTSIDE OF AMBIT.

Secondly - as someone who has HAD their space hijacked recently - a /18 worth - that was de-aggregated into /24s and fraudulent objects registered with RADDB - while the space was VERY much in use - and who fought for the better part of a week to recover it - I also happen to know how bizarrely flawed your argument is here.  You ASSUME that hijacked space is not used.  And it's a completely naive assumption that has absolutely no bearing in reality.  There is already agreement on this list that there is no requirement to have space that is globally announced if you have a need for globally unique space that that does not require entry into the global table - so even if it WASN"T announced - it does not speak to the fact that it somehow isn't legitimate either.  And if it WAS announced?  Well - I can tell you, all the space of mine that was hijacked was a.) Announced b.) Had legitimate route objects attached to it c.) was very definitely in use by our customers d.) caused me a complete headache in stopping the hijacking e.) had NO involvement during the resolution of that issue from any RIR.

As to who you have offended?  Well, I don't speak for anyone else - but coming onto this list and ranting and raving and somehow applying collective responsibility to a continent of more than a billion people for the actions of someone in Europe - I'd say I find that pretty offensive, so add me to the list.

As for actions people can take to combat spam - this is my last message on this subject to you anyway - and since I consider your emails inflammatory and unsolicited, in the name of combating spam, I am now filtering anything more from you.

Have a good day

Andrew

-----Original Message-----
From: Ronald F. Guilmette [mailto:rfg at tristatelogic.com] 
Sent: 18 November 2016 02:36
To: rpd at afrinic.net
Subject: Re: [rpd] Mass Hijacking of AFRINIC IPv4 Space by U.S.A. Spammers


In message <CACAaNxgk23f-YAQ8XGE3gs_gEzevuNawf=sJG9tW4DJBHf7-EA at mail.gmail.com>
McTim <dogwallah at gmail.com> wrote:

>RIRs are not the Internet police.

The RIR in this case can do what was already under discussion, I believe, i.e. audit usage, and take back abandoned IPv4 space.  Give it to actual Africans who will make some reasonable and legitimate use of it.  Drain the swamp and stop making it so bloody easy for Internet crooks to get away with this kind of crap.

To anybody who may have argued that there isn't really a problem and that thus, Afrinic doesn't need to do anything at all, i.e. to try to insure that unused IPv4 space (and unused ASNs) are reclaimed, now you have hard and abundant evidence to the contrary.


Regards,
rfg

_______________________________________________
RPD mailing list
RPD at afrinic.net
https://lists.afrinic.net/mailman/listinfo/rpd

More information about the RPD mailing list