Re: [anti-abuse-wg] BREAKING: AFRINIC IPv4 address skulduggery FINAL REPORT - Just released
In message , Ostap Efremov writes >However, in the report and it's PDF, it does not say that it was >revoked, which happened 4 days ago. the report text was finalised just before Christmas (see the Disclaimer in Section 2) so events from 2021 are not discussed -- richard Richard Clayton Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety. Benjamin Franklin 11 Nov 1755 signature.asc Description: PGP signature
Re: [anti-abuse-wg] BREAKING: AFRINIC IPv4 address skulduggery FINAL REPORT - Just released
Unfortunately, I am currently in an attempt to clean up all the prefixes announced inside of the recently revoked logicweb entry. However, in the report and it's PDF, it does not say that it was revoked, which happened 4 days ago. On 1/21/21 6:03 PM, Ronald F. Guilmette wrote: Holy Hell! I didn't know until this moment that the U.S. FBI was looking into this colossal mess, starting apparently from even before March of 2019. Nontheless, I still claim credit for having planted the flag first. I was publicly bitching about all of the apparent AFRINIC funny business starting from November 17, 2016. https://afrinic.net/20210121-afrinic-whois-database-accuracy-report Regards, rfg
[anti-abuse-wg] BREAKING: AFRINIC IPv4 address skulduggery FINAL REPORT - Just released
Holy Hell! I didn't know until this moment that the U.S. FBI was looking into this colossal mess, starting apparently from even before March of 2019. Nontheless, I still claim credit for having planted the flag first. I was publicly bitching about all of the apparent AFRINIC funny business starting from November 17, 2016. https://afrinic.net/20210121-afrinic-whois-database-accuracy-report Regards, rfg
Re: [anti-abuse-wg] 196.52.0.0/14 revoked, cleanup efforts needed
In message , Ostap Efremov wrote: >196.52.0.0/14 was recently revoked. Confirmed. It appears that AFRINIC returned that /14 to its free pool. >Before it was revoked, the whois for this /14 was: > >> inetnum:196.52.0.0 - 196.55.255.255 >> netname:LogicWeb-Inc >> descr: LogicWeb Inc. >> descr: 3003 Woodbridge Ave >> descr: Edison, NJ 08837 >> country:ZA Confirmed. Please note however that contrary to all rumors, Edison, New Jersey is -not- actually located in "ZA" (South Africa). >I believe this /14 was under control from our big friend from Israel... No. This block -somehow- made its way... for some several years anyway... directly into the hands of a certain Mr. Chad Abizeid, proprietor of LogicWeb, in New Jersey, most specifically the one that's located in in the U.S.. There's no involvement of any Israeli personages with this specific block as far as I can determine. >This is a BOGON, unallocated space. Yes. *Now* it is. >I would appreciate if any network that is on that list and on this mailing >list, would stop announcing parts of this hijacked /14. That would be Good, yes. >I reached out to RADB to remove all the radb entries concerning this /14, >however after 72 hours they still haven't. In my experience, neither accuracy nor security are among RADB's strong suits. >How is it possible that they can't just delete all entries? Other things just take priority sometimes, you know. Have you never heard of Tetris? >It is UNALLOCATED SPACE, it shouldn't be routed, it shouldn't have radb. Well, yea. But also, we in these United States should not have had to live with four full years of totally unprecedented social lunacy, the likes of which none of us have ever before known in our entire lives. But we have fixed that now. Sometimes you just have to be patient. These things take time. Regards, rfg
Re: [anti-abuse-wg] DDoS-Guard, a dodgy Russian firm that also hosts the official site for the terrorist group Hamas
Peace, On Thu, Jan 21, 2021, 11:07 AM Töma Gavrichenkov wrote: > Meanwhile the 193.233.15.0/24 sub-block is being routed by AS42745 >> aka "Safe Value Limited" >> > > The only provider for the latter being Voxility Inc., California, USA. > > > https://radar.qrator.net/as42745/providers#startDate=2020-10-21=2021-01-21=current > Correcting myself: on the second thought, the AS in question also maintains a complicated relationship with Stormwall s.r.o. (Slovakia) and may also get Internet access from there. https://radar.qrator.net/as42745/unspecified#startDate=2020-10-21=2021-01-21=current -- Töma >