Monetizing IPv4 addresses / DiViNetworks

2020-02-07 Thread Ronald F. Guilmette 
My apologies to all.  I previously posted here some inaccurate information,
which I must now retract and correct.

I incorrectly asserted that "DiViNetworks has received $15 million
USD worth of venture capital from the International Finance Corporation,
a commercial lender and member of the World Bank Group."


https://ifcext.ifc.org/ifcext/pressroom/IFCPressRoom.nsf/0/52F1A9E272AAFAB785257BE80051CB53

In fact, a proper reading of the press release above indicated that IFC
only invested $5 million into DiViNetworks.

Other public reports however suggest that the company has received at least
$15 million USD in venture funding.  It is not immediately clear where the
additional $10 million USD might have come from.

https://pitchbook.com/profiles/company/59066-56
https://www.bizety.com/2015/09/10/cool-startup-divinetworks/

As seen at the pitchbook.com link just above, the company may have used
the following address as a U.S. business address in some instances:
   
1680 Michigan Avenue, Suite 700
Miami Beach, FL 33139

This location appears to be associated with "virtual office" rentals:


https://www.davincivirtual.com/loc/us/florida/miami-beach-virtual-offices/facility-1149

On the company's own web site, it provides what would appear to be its one
and only business address:

https://divinetworks.com/

10153 1/2 Riverside Drive #526
Los Angeles, CA

The above address would appear to be home to a business known as "Mailbox
Toluca Lake", which may or may not be a FedEx authorized shipping center:

   https://local.fedex.com/ca/los-angeles/61623/

The above addresses in Miami and Los Angeles would appear to be inconsistant
with other easly findable online documents, including the IFC press release
linked to above, which explicitly asserts that the company is located in
Israel.  It is not immediately clear why an Israeli company would have
need of either (a) a virtual office in Miami or (b) a mail drop in Los
Angeles.

I have been unable to find any evidence of any current or historical state-
level business registration for either "Divi Networks" or "DiviNetworks" or
"Divi Group" in either Florida or California.  The operation of business
addresses in either or both states without registration may possibly be a
violation of law in those states.  It is certainly impossible for any
business to file a state-level business tax return in any state in which
that business is not registered, due to the lack of the required state
business registration number which would have to appear on the tax return
in question.

As discussed in the IFC funding press release, the company appears to
have begun life with the eminently laudable goal to "increase Internet
transmission capacities and free up congested internet connections
in 21 developing countries..."  This is certainly a commendable goal by
anyone's standards, and one fully worthy of funding from the commercial
lending arm of the World Bank.

That having been said, it is certainly within the realm of possibility
that this initial business model may perhaps not have stood the test
of time, and that providing services to developing economies may not have
produced sufficent returns to keep the enterprise viable on a long term
basis.

I have found at least some evidence to suggest that the company may, at
present, be pursuing a different business model.

In the current era, there are two ways in which any party who can beg,
borrow, or steal any large swath of IPv4 address can quickly and effectively
monetize those addresses.  (And these methods are not entirely exclusive
of one another.)

The traditional way of monetizing any large block of IPv4 addresses which
the lessor does not have, or plan to have, a long term interest in is
simply to sub-lease the addresses to snowshoe spammers.  Unfortunately for
those involved, if this strategy is pursued to the exclusion of any other
it renders the IP addresses in question a "wasting asset".  Their value
declines over time as they become ever more widely blacklisted and thus
ever more ineffective for spamming purposes.

An alternative monetization strategy which has become increasingly
prevalent and widspread in recent years and which does not, generally
speaking, engender this "wasting asset" problem (and which also,
conveniently, tends to attract entirely less public attention and
scrutiny) is to "dress up" the IP block(s) in question, to the extent
possible, via relevant RIR WHOIS records, in order to make them appear
to be networks containing only Internet end-user "eyeballs".  Specifically,
the term "residential" is typically used as an integral part of these
subterfuges, and a simple google search for "residential proxies" will,
at present, turn up a veritable plethora of companies offering as a
service exactly such fradulently "dresse

Re: DiViNetworks

2020-02-06 Thread Ahmed Borno 
How is it technically possible that they reuse unused bandwidth without
some funky AS/Route announcement fun?! Anyone can explain that ?

~A

On Thu, Feb 6, 2020 at 8:09 PM Ronald F. Guilmette 
wrote:

> I mention in passing also that at the present time, DiViNetworks has
> a grand total of some 6,070 unique route objects registered in the RADB
> data base.
>
> Where I come from, that's a lot of routes.
>
>https://pastebin.com/raw/YeFBd1qZ
>
> I would be gnerally unconcerned if not for the fact that two of these
> route objects (for 155.235.0.0/16 and 169.129.0.0/16) exactly cover
> two AFRINIC legacy blocks that I feel I have proven to have been stolen
> from AFRINIC legacy blocks holders, with the apparent collusion and
> connivance of one particular gentleman who, coincidentally, I'm sure,
> like DiViNetworks, also just happens to have offices in the greater
> Tel Aviv metropolitan area.
>
>
> Regards,
> rfg
>
>
> P.S.  Online reports suggest that DiViNetworks has received $15 million
> USD worth of venture capital from the International Finance Corporation,
> a commercial lender and member of the World Bank Group.
>
>
> https://ifcext.ifc.org/ifcext/pressroom/IFCPressRoom.nsf/0/52F1A9E272AAFAB785257BE80051CB53
>
> https://en.wikipedia.org/wiki/International_Finance_Corporation
>

DiViNetworks

2020-02-06 Thread Ronald F. Guilmette 
I mention in passing also that at the present time, DiViNetworks has
a grand total of some 6,070 unique route objects registered in the RADB
data base.

Where I come from, that's a lot of routes.

   https://pastebin.com/raw/YeFBd1qZ

I would be gnerally unconcerned if not for the fact that two of these
route objects (for 155.235.0.0/16 and 169.129.0.0/16) exactly cover
two AFRINIC legacy blocks that I feel I have proven to have been stolen
from AFRINIC legacy blocks holders, with the apparent collusion and
connivance of one particular gentleman who, coincidentally, I'm sure,
like DiViNetworks, also just happens to have offices in the greater
Tel Aviv metropolitan area.


Regards,
rfg


P.S.  Online reports suggest that DiViNetworks has received $15 million
USD worth of venture capital from the International Finance Corporation,
a commercial lender and member of the World Bank Group.


https://ifcext.ifc.org/ifcext/pressroom/IFCPressRoom.nsf/0/52F1A9E272AAFAB785257BE80051CB53

https://en.wikipedia.org/wiki/International_Finance_Corporation

Re: DiviNetworks

2020-02-06 Thread Ronald F. Guilmette 
Regarding DiviNetworks...

I am not personally persuaded that an Israeli company that inserted
a route object into the RADB data base to act as a cover for the
company's apparent theft of a nice juicy /16 AFRINIC region legacy
block that actually belongs to, and belonged to a South African
state owned oil company (Sasol) is actually worthy of the Internet
equivalent of the Good Houskeeping[tm] seal of approval.


route:  169.129.0.0/16
descr:  This is a DiViNetworks customer route-object which is being 
exported under this origin AS12491 (origin AS). This route object was created 
because no existing route object with the same origin was found. Please contact 
supp...@divinetworks.com if you have any questions regarding this object.
origin: AS12491
mnt-by: MAINT-AS57731
changed:e...@divinetworks.com 20161021  #19:55:26Z
source: RADB


Regards,
rfg


P.S.  My past research into the company formally known as Netstyle Atarim
Ltd.  turned up the following interesting link, which may or may not be
relevant:

https://il.linkedin.com/in/erez-cohen-83402813

P.P.S.  Sasol has taken steps, in recent months to assert and reclaim
complete control over both of their two /16 AFRINIC region legacy blocks.
I have had multiple late night (my time) conversations with officials
there, right up to the Vice President level, regarding the unfortunate
circumstances that led to parties other than Sasol routing one or both
of their valuable AFRINIC legacy /16 blocks.

At last check, Sasol officials were still considering wther or not to file
formal police reports in South Africa regarding this matter.

P.P.P.S.  The above quoted fradulent route object is still present in
the RADB data base as we speak.

It is by no means alone.

Re: DiviNetworks

2020-02-06 Thread Tom Beecher 
Agreed.

I also would be very wary of any traffic that I don’t know about sourcing
from my network. The amount of money spent on lawyers when something
malicious comes though this ‘sharing’ , and I’m in the jackpot because it
sourced from me, is likely going to be many multiples of whatever dollar
amount I make back. And this doesn’t consider any contractual terms on your
service that might not allow you to do this in the first place.

Maybe some situations where it makes some sense for somebody, but too much
risk for my tastes.

On Thu, Feb 6, 2020 at 16:39 Mike Fuller via NANOG  wrote:

> I'd be very cautious about engaging with any company whose business model
> is to get a short-term lease of your IP-space.  Many companies use IP
> reputation data, and so you are essentially lending that reputation to a
> 3rd party, who may use it in ways you don't anticipate until the reputation
> is sufficiently damaged, and then return it to you and move on to another
> ISP.
>
> Some organizations' response to unwanted traffic is simply to block large
> IP ranges or entire ASes, and not everyone is good about following-up and
> expiring such blocks in the future.  I realize your customers haven't
> ended-up on any spam/abuse blocklists, but that doesn't mean they won't be,
> or that their IP reputation hasn't already been affected in less obvious
> ways.  You should ask yourself if you are being sufficiently compensated
> for these risks as reputable IPv4 space is at a premium, so replacing the
> IPv4 space you lent out could get quite costly.
>
> --
> Mike Fuller :: Security Reliability Engineer :: Google :: AS15169
>
> On Wed, Feb 5, 2020 at 12:15 PM Justin Wilson  wrote:
>
>> Have several networks using them.  This he networks get paid, and no
>> blacklists.  Contact me off list if you want more details
>>
>>
>>
>> Justin Wilson
>> li...@mtin.net
>>
>>
>> —
>> https://j2sw.com - All things jsw (AS209109)
>> https://blog.j2sw.com - Podcast and Blog
>>
>> > On Feb 5, 2020, at 2:14 PM, Steve Saner  wrote:
>> >
>> > Has anyone here worked with DiviNetworks (https://divinetworks.com/)
>> to "sell" their unused bandwidth?
>> >
>> > I'd be curious to hear any thoughts or experiences.
>> >
>> > Steve
>> >
>> > --
>> >
>> --
>> > Steven Saner   Voice:
>> 316-858-3000 <(316)%20858-3000>
>> > Director of Network Operations  Fax:
>> 316-858-3001 <(316)%20858-3001>
>> > Hubris Communications
>> http://www.hubris.net
>> >
>>
>>

Re: DiviNetworks

2020-02-06 Thread William Herrin 
On Thu, Feb 6, 2020 at 1:37 PM Mike Fuller via NANOG  wrote:
> I'd be very cautious about engaging with any company whose business model is 
> to get a short-term lease of your IP-space.  Many companies use IP reputation 
> data, and so you are essentially lending that reputation to a 3rd party, who 
> may use it in ways you don't anticipate until the reputation is sufficiently 
> damaged, and then return it to you and move on to another ISP.

Hi Mike,

They explain what they're doing in their documentation and for what
it's worth they're probably telling the truth. Their business model is
to facilitate pseudonymous web scraping. If you want to anonymously
check out your competitors' pricing (anb automate it), you do it by
accessing your competitors' web site through DiviNetworks' tunneled
transits around the globe.

https://divinetworks.com/nature-of-the-traffic/

So, if you're Cogent and you want to gather business data from ARIN

Regards,
Bill Herrin

-- 
William Herrin
b...@herrin.us
https://bill.herrin.us/

RE: DiviNetworks

2020-02-06 Thread Nathan Babcock 
So interesting thing about Divi.  I am a regional WISP operator and we did sign 
a deal with them and let them use our space.  One of the issues we developed 
while they were active on our network was all of our IP’s started being homed 
in the UK for google.  So anytime a customer would go to google or any google 
service, it would reroute us the .uk version of the site.  This took about 6 
months to start happening, so we didn’t have any issues for that long letting 
them use our IP space.  After a day or so of us cutting them off it went away 
and never came back.  I have discussed this with them at length in email phone 
and in person at conferences.  They assured me that this wasn’t them, but when 
I turned it back on, the issue came back in under a week.  Turn them off…. Goes 
away.  So we removed their connection.  This was over a year ago, and I have 
been talking with them again about this but am significantly more cautious 
about moving forward if for nothing else the above reason alone.  Not to 
mention the other items Mike pointed out which are of the greatest concern.  

 

What they do is create a VPN connection on your edge router and utilize your IP 
space for Geo location IP services and allow their customers to use IP’s from 
all over the world to check their sites for compatibility/interoperability.  
That’s what they tell you.  I’ve not seen any indication to believe otherwise 
in my dealings with them which is why we are talking with them again.

 

From: NANOG  On Behalf Of 
Justin Wilson
Sent: Thursday, February 6, 2020 1:35 PM
To: Mike Fuller 
Cc: nanog@nanog.org
Subject: Re: DiviNetworks

 

They don’t lease your IP space is the thing.

 

 

Justin Wilson

li...@mtin.net <mailto:li...@mtin.net> 



—
https://j2sw.com - All things jsw (AS209109)
https://blog.j2sw.com - Podcast and Blog





On Feb 6, 2020, at 2:07 PM, Mike Fuller mailto:m...@google.com> > wrote:

 

I'd be very cautious about engaging with any company whose business model is to 
get a short-term lease of your IP-space.  Many companies use IP reputation 
data, and so you are essentially lending that reputation to a 3rd party, who 
may use it in ways you don't anticipate until the reputation is sufficiently 
damaged, and then return it to you and move on to another ISP.

Some organizations' response to unwanted traffic is simply to block large IP 
ranges or entire ASes, and not everyone is good about following-up and expiring 
such blocks in the future.  I realize your customers haven't ended-up on any 
spam/abuse blocklists, but that doesn't mean they won't be, or that their IP 
reputation hasn't already been affected in less obvious ways.  You should ask 
yourself if you are being sufficiently compensated for these risks as reputable 
IPv4 space is at a premium, so replacing the IPv4 space you lent out could get 
quite costly.

--
Mike Fuller :: Security Reliability Engineer :: Google :: AS15169

 

On Wed, Feb 5, 2020 at 12:15 PM Justin Wilson mailto:li...@mtin.net> > wrote:

Have several networks using them.  This he networks get paid, and no 
blacklists.  Contact me off list if you want more details



Justin Wilson
li...@mtin.net <mailto:li...@mtin.net> 


—
https://j2sw.com <https://j2sw.com/>  - All things jsw (AS209109)
https://blog.j2sw.com <https://blog.j2sw.com/>  - Podcast and Blog

> On Feb 5, 2020, at 2:14 PM, Steve Saner  <mailto:ssa...@hubris.net> > wrote:
> 
> Has anyone here worked with DiviNetworks (https://divinetworks.com/) to 
> "sell" their unused bandwidth?
> 
> I'd be curious to hear any thoughts or experiences.
> 
> Steve
> 
> -- 
> --
> Steven Saner mailto:ssa...@hubris.net> >  
> Voice:  316-858-3000  
> Director of Network Operations  Fax:  316-858-3001 
>  
> Hubris Communicationshttp://www.hubris.net 
> <http://www.hubris.net/> 
>

Re: DiviNetworks

2020-02-06 Thread Mike Fuller via NANOG 
I'd be very cautious about engaging with any company whose business model
is to get a short-term lease of your IP-space.  Many companies use IP
reputation data, and so you are essentially lending that reputation to a
3rd party, who may use it in ways you don't anticipate until the reputation
is sufficiently damaged, and then return it to you and move on to another
ISP.

Some organizations' response to unwanted traffic is simply to block large
IP ranges or entire ASes, and not everyone is good about following-up and
expiring such blocks in the future.  I realize your customers haven't
ended-up on any spam/abuse blocklists, but that doesn't mean they won't be,
or that their IP reputation hasn't already been affected in less obvious
ways.  You should ask yourself if you are being sufficiently compensated
for these risks as reputable IPv4 space is at a premium, so replacing the
IPv4 space you lent out could get quite costly.

--
Mike Fuller :: Security Reliability Engineer :: Google :: AS15169

On Wed, Feb 5, 2020 at 12:15 PM Justin Wilson  wrote:

> Have several networks using them.  This he networks get paid, and no
> blacklists.  Contact me off list if you want more details
>
>
>
> Justin Wilson
> li...@mtin.net
>
>
> —
> https://j2sw.com - All things jsw (AS209109)
> https://blog.j2sw.com - Podcast and Blog
>
> > On Feb 5, 2020, at 2:14 PM, Steve Saner  wrote:
> >
> > Has anyone here worked with DiviNetworks (https://divinetworks.com/) to
> "sell" their unused bandwidth?
> >
> > I'd be curious to hear any thoughts or experiences.
> >
> > Steve
> >
> > --
> >
> --
> > Steven Saner   Voice:
> 316-858-3000 <(316)%20858-3000>
> > Director of Network Operations  Fax:
> 316-858-3001 <(316)%20858-3001>
> > Hubris Communications
> http://www.hubris.net
> >
>
>

Re: DiviNetworks

2020-02-06 Thread Damian Menscher via NANOG 
They're not sending traffic from their own IPs, right?  So they're leasing
yours (whether they make that explicit or not).  And that carries all the
implications/risks Mike mentioned.

Damian

On Thu, Feb 6, 2020 at 12:37 PM Justin Wilson  wrote:

> They don’t lease your IP space is the thing.
>
>
> Justin Wilson
> li...@mtin.net
>
>
> —
> https://j2sw.com - All things jsw (AS209109)
> https://blog.j2sw.com - Podcast and Blog
>
> On Feb 6, 2020, at 2:07 PM, Mike Fuller  wrote:
>
> I'd be very cautious about engaging with any company whose business model
> is to get a short-term lease of your IP-space.  Many companies use IP
> reputation data, and so you are essentially lending that reputation to a
> 3rd party, who may use it in ways you don't anticipate until the reputation
> is sufficiently damaged, and then return it to you and move on to another
> ISP.
>
> Some organizations' response to unwanted traffic is simply to block large
> IP ranges or entire ASes, and not everyone is good about following-up and
> expiring such blocks in the future.  I realize your customers haven't
> ended-up on any spam/abuse blocklists, but that doesn't mean they won't be,
> or that their IP reputation hasn't already been affected in less obvious
> ways.  You should ask yourself if you are being sufficiently compensated
> for these risks as reputable IPv4 space is at a premium, so replacing the
> IPv4 space you lent out could get quite costly.
>
> --
> Mike Fuller :: Security Reliability Engineer :: Google :: AS15169
>
> On Wed, Feb 5, 2020 at 12:15 PM Justin Wilson  wrote:
>
>> Have several networks using them.  This he networks get paid, and no
>> blacklists.  Contact me off list if you want more details
>>
>>
>>
>> Justin Wilson
>> li...@mtin.net
>>
>>
>> —
>> https://j2sw.com - All things jsw (AS209109)
>> https://blog.j2sw.com - Podcast and Blog
>>
>> > On Feb 5, 2020, at 2:14 PM, Steve Saner  wrote:
>> >
>> > Has anyone here worked with DiviNetworks (https://divinetworks.com/)
>> to "sell" their unused bandwidth?
>> >
>> > I'd be curious to hear any thoughts or experiences.
>> >
>> > Steve
>> >
>> > --
>> >
>> --
>> > Steven Saner   Voice:
>> 316-858-3000 <(316)%20858-3000>
>> > Director of Network Operations  Fax:
>> 316-858-3001 <(316)%20858-3001>
>> > Hubris Communications
>> http://www.hubris.net
>> >
>>
>>
>

Re: DiviNetworks

2020-02-06 Thread Justin Wilson 
They don’t lease your IP space is the thing.


Justin Wilson
li...@mtin.net


—
https://j2sw.com - All things jsw (AS209109)
https://blog.j2sw.com - Podcast and Blog

> On Feb 6, 2020, at 2:07 PM, Mike Fuller  wrote:
> 
> I'd be very cautious about engaging with any company whose business model is 
> to get a short-term lease of your IP-space.  Many companies use IP reputation 
> data, and so you are essentially lending that reputation to a 3rd party, who 
> may use it in ways you don't anticipate until the reputation is sufficiently 
> damaged, and then return it to you and move on to another ISP.
> 
> Some organizations' response to unwanted traffic is simply to block large IP 
> ranges or entire ASes, and not everyone is good about following-up and 
> expiring such blocks in the future.  I realize your customers haven't 
> ended-up on any spam/abuse blocklists, but that doesn't mean they won't be, 
> or that their IP reputation hasn't already been affected in less obvious 
> ways.  You should ask yourself if you are being sufficiently compensated for 
> these risks as reputable IPv4 space is at a premium, so replacing the IPv4 
> space you lent out could get quite costly.
> 
> --
> Mike Fuller :: Security Reliability Engineer :: Google :: AS15169
> 
> On Wed, Feb 5, 2020 at 12:15 PM Justin Wilson  <mailto:li...@mtin.net>> wrote:
> Have several networks using them.  This he networks get paid, and no 
> blacklists.  Contact me off list if you want more details
> 
> 
> 
> Justin Wilson
> li...@mtin.net <mailto:li...@mtin.net>
> 
> 
> —
> https://j2sw.com <https://j2sw.com/> - All things jsw (AS209109)
> https://blog.j2sw.com <https://blog.j2sw.com/> - Podcast and Blog
> 
> > On Feb 5, 2020, at 2:14 PM, Steve Saner  > <mailto:ssa...@hubris.net>> wrote:
> > 
> > Has anyone here worked with DiviNetworks (https://divinetworks.com/ 
> > <https://divinetworks.com/>) to "sell" their unused bandwidth?
> > 
> > I'd be curious to hear any thoughts or experiences.
> > 
> > Steve
> > 
> > -- 
> > --
> > Steven Saner mailto:ssa...@hubris.net>> 
> >  Voice:  316-858-3000 
> > Director of Network Operations  Fax:  316-858-3001 
> > 
> > Hubris Communicationshttp://www.hubris.net 
> > <http://www.hubris.net/>
> > 
>

Re: DiviNetworks

2020-02-06 Thread Jeroen Wunnink 
We have worked extensively with them in the past, legit company that (at the 
time) used custom live traffic compression boxes via gre tunnels to squeeze 
more bandwidth out of (expensive) customer lines.

 
 
Jeroen Wunnink
Sr. Manager - Integration Engineering
 
www.gtt.net <http://www.gtt.net/>


 

On 05/02/2020, 20:15, "NANOG on behalf of Steve Saner" 
 wrote:

Has anyone here worked with DiviNetworks (https://divinetworks.com/) to 
"sell" their unused bandwidth?

I'd be curious to hear any thoughts or experiences.

Steve

-- 
--
Steven Saner   Voice:  316-858-3000
Director of Network Operations  Fax:  316-858-3001
Hubris Communicationshttp://www.hubris.net

Re: DiviNetworks

2020-02-05 Thread William Herrin 
On Wed, Feb 5, 2020 at 11:15 AM Steve Saner  wrote:
> Has anyone here worked with DiviNetworks (https://divinetworks.com/) to
> "sell" their unused bandwidth?

"Both USED and unused IPs can be utilized. IP allocation is NOT needed. "

"the configuration that we provide will ensure that traffic, which
belongs to sessions generated by our customers will be redirected
through a tunnel to our PoPs while all of your users traffic will be
routed as usual to your users. "


-- 
William Herrin
b...@herrin.us
https://bill.herrin.us/

Re: DiviNetworks

2020-02-05 Thread Justin Wilson 
Have several networks using them.  This he networks get paid, and no 
blacklists.  Contact me off list if you want more details



Justin Wilson
li...@mtin.net


—
https://j2sw.com - All things jsw (AS209109)
https://blog.j2sw.com - Podcast and Blog

> On Feb 5, 2020, at 2:14 PM, Steve Saner  wrote:
> 
> Has anyone here worked with DiviNetworks (https://divinetworks.com/) to 
> "sell" their unused bandwidth?
> 
> I'd be curious to hear any thoughts or experiences.
> 
> Steve
> 
> -- 
> --
> Steven Saner   Voice:  316-858-3000
> Director of Network Operations  Fax:  316-858-3001
> Hubris Communicationshttp://www.hubris.net
>

DiviNetworks

2020-02-05 Thread Steve Saner 
Has anyone here worked with DiviNetworks (https://divinetworks.com/) to 
"sell" their unused bandwidth?


I'd be curious to hear any thoughts or experiences.

Steve

--
--
Steven Saner   Voice:  316-858-3000
Director of Network Operations  Fax:  316-858-3001
Hubris Communicationshttp://www.hubris.net

DiViNetworks experiences?

2012-03-06 Thread Rafael Rodriguez 
Hello list,

Does anyone have experience (good or bad) with DiViNetworks and their
DiViLink products?  Off-list replies welcomed.  Thanks.