Re: [uknof] Notice of Claimed Infringement from A.B.C.D at 2019-06-05T06:41:07Z - Ref

[John Bourke]

Hi,

Thanks everyone for the responses.  In summary 

Considering we are at the start of a chain of resellers towards the end 
customer, contractually we should pass these down.

It might be a good idea to segment our immediate resellers onto separate NAT 
ranges (we have one global NAT range), allocate these addresses to the 
resellers in RIPE and then the abuse issues go to them.  We need to give them 
the ability to map back to their private addresses (we operate the 
infrastructure as a service).

The other thing to do is to have a well formed AUP, a reasonable procedure for 
dealing with these, and that would normally be sufficient to show that you are 
making best effort.

Alternatively reply to each of these with a request for more information, if 
you get no response, then ignore.

Thanks

John

[uknof] anti-DdoS foundation looking for members

[Frank Dupker]

Hi guys,

  

We are running a foundation called NBIP with the goal to provide joint
services for colleague internet and hosting companies.

We provide a tapping service for members and started NaWaS (Cloud Scrubbing
Centre) anti-DdoS services.

 

In Netherlands we protect 45% of all .nl domains and growing towards serious
scrubbing center based on our network and capacity.

Our goal is to share details as much as possible and minimize DdoS attacks
together.

 

Today the bigger vendors keep asking enormous amounts for anti-DdoS
protection. We managed to have a line up of three of them in serial and
managed to stop almost all attacks in last year. At a very reasonable fee.

We offer www.NaWaS.nl   anti-DdoS service in United
Kingdom as well, welcomed first number of members like midsized companies.

 

We also run an abuse platform in Netherlands and cooperate intense with
universities for research.

You are welcome to join us in our fight against DDOS attacks.

 

Frank Dupker

fr...@euwas.eu  

www.nawas.nl  

www.nbip.nl  

 

[uknof] Spoofer Report for UKNOF for May 2019

[CAIDA Spoofer Project]

In response to feedback from operational security communities,
CAIDA's source address validation measurement project
(https://spoofer.caida.org) is automatically generating monthly
reports of ASes originating prefixes in BGP for systems from which
we received packets with a spoofed source address.
We are publishing these reports to network and security operations
lists in order to ensure this information reaches operational
contacts in these ASes.

This report summarises tests conducted within gbr.

Inferred improvements during May 2019:
   ASN Name   Fixed-By
202590 HACKLAB2019-05-08

Further information for the inferred remediation is available at:
https://spoofer.caida.org/remedy.php

Source Address Validation issues inferred during May 2019:
   ASN Name   First-Spoofed Last-Spoofed
 60339 H3GUK 2016-09-01   2019-05-30
 42004 ULGRP 2016-11-07   2019-05-31
  5089 NTL   2016-11-16   2019-05-31
 16082 SPITFIRE  2017-07-10   2019-05-16
 44684 MYTHIC2018-02-25   2019-05-26
 35575 VAIONI2019-03-12   2019-05-19
 29009 UKBROADBAND   2019-05-08   2019-05-24
 41357 UK-34SP   2019-05-17   2019-05-17
209500   2019-05-19   2019-05-19

Further information for these tests where we received spoofed
packets is available at:
https://spoofer.caida.org/recent_tests.php?country_include=gbr&no_block=1

Please send any feedback or suggestions to spoofer-i...@caida.org