Re: User Unknown (WAS: really amazon?)

2019-08-05 Thread Scott Christopher
Rubens Kuhl wrote: > I don't think that "companies with tons of lawyers" should be a factor in > making resource allocation policies. But considering either small or big > networks, an escalation path would reduce friction and increase overall > compliance... for instance, failure to have func

Re: User Unknown (WAS: really amazon?)

2019-08-04 Thread Scott Christopher
John Curran wrote: ... > As I have noted previously, I have zero doubt in the enforceability of the > ARIN registration services agreements in this regard – so please carefully > consider proposed policy both from the overall community benefit being > sought, and from the implications faced a

Re: really amazon?

2019-07-31 Thread Scott Christopher
Rich Kulawiec wrote: > On Wed, Jul 31, 2019 at 11:13:48PM +0300, Scott Christopher wrote: > > Because it will get spammed if publicly listed in WHOIS. > > Yes. It will. Are you telling us that Amazon, with its enormous financial > and personnel resources, doesn't ha

Re: User Unknown (WAS: really amazon?)

2019-07-31 Thread Scott Christopher
Sandra Murphy wrote: > Scott, you might want to read "Policy Development Process (PDP)” > https://www.arin.net/participate/policy/pdp/ in order to discover just > exactly what John means by “If the community developed a policy”. > > You might also want to join the Public Policy Mailing List,

Re: really amazon?

2019-07-31 Thread Scott Christopher
Valdis Klētnieks wrote: > On Wed, 31 Jul 2019 16:36:08 -, Richard Williams via NANOG said: > > > To contact AWS SES about spam or abuse the correct email address is > > ab...@amazonaws.com > > You know that, and I know that, but why doesn't the person at AWS whose job it > is to keep the

Re: User Unknown (WAS: really amazon?)

2019-07-31 Thread Scott Christopher
John Curran wrote: > Scott - > > Alas, you have a fundamental misunderstanding about the nature of ARIN… we > don’t do anything other than implement policies that this community wants. If > the community developed a policy to require Abuse POC’s validation, and said > policy made clear that

Re: User Unknown (WAS: really amazon?)

2019-07-30 Thread Scott Christopher
Christoffer Hansen wrote: > On 30/07/2019 11:59, Chris Knipe wrote: > > > Then update your ARIN records to reflect that. Fully agree with Dan on > > this one. > > > > Imagine ARIN did a take from RIPE NCC [Policy Proposal Idea?] and a > policy came into effect of validating ALL 'OrgAbuseEmail'

Re: really amazon?

2019-07-30 Thread Scott Christopher
Dan Hollis wrote: > >>> RCPT To: > <<< 550 #5.1.0 Address rejected. > 550 5.1.1 ... User unknown > >>> DATA > <<< 503 #5.5.1 RCPT first Try j...@amazon.com -- S.C.

Re: Postmaster@

2019-06-15 Thread Scott Christopher
Gary E. Miller wrote: > Is it no longer required to monitor the postmaster@ ? > > Did RFC 822 and RFC 5321 get repealed? Or is M$ more special than the > rest of us? Not just M$ but Cloudflare too: https://www.cloudflare.com/abuse Worse is that you might need to complete a CAPTCHA just to get

Re: Spamming of NANOG list members

2019-06-01 Thread Scott Christopher
M. Omer GOLGELI wrote: > There are also variants of it with subjects like > > " Ref Id: %VARIABLE% " > and > "%Domain.tld% Ref Id: %VARIABLE% " > > > > And as Bryan said, we are increasingly getting more and more as well. I wonder if this crap corresponds positively with the price of Bitcoin

Re: PSA: change your fedex.com account logins

2019-05-30 Thread Scott Christopher
Dan Hollis wrote: > Phishing scheme didn't happen. > > fedex has had a number of major compromises so it's not a stretch that > their user database was stolen and sold to spammers. The other possibility is that your one-off email scheme is predictable, and someone knows you use FedEx, and tha

Re: Spamming of NANOG list members

2019-05-24 Thread Scott Christopher
Rich Kulawiec wrote: > On Fri, May 24, 2019 at 08:17:31AM -0700, Brian Kantor wrote: > > Anne, the way that such addresses are often harvested is that one of > > the spammers (or his agent) becomes a member of the list and simply > > records the addresses of persons posting to the list. They the

Re: Spamming of NANOG list members

2019-05-24 Thread Scott Christopher
Anne P. Mitchell, Esq. wrote: > Question: Is the member list with email addresses public?? Otherwise, > one has to wonder how they got these addresses? https://marc.info/?l=nanog&r=1&w=2 and https://lists.gt.net/nanog/ mangle email addresses in the headers but do nothing about email addresse

Re: Contact for BART

2019-01-21 Thread Scott Christopher
Owen DeLong wrote: > I’m quite aware of this. If you’ll note, the thing I was replying to > said he was ALSO looking for a good contact within CALDOT. My bad - I didn't read this thread thoroughly. But my email client is at fault too... it hid all the quoted text under a button "Show quoted text"

Re: Contact for BART

2019-01-20 Thread Scott Christopher
No :) BART is Bay Area Rapid Transit, a public transportation system with its own bureaucracy and publicly elected board. Caltrans is a separate State bureaucracy, though it has a big office in the city of Oakland near BART Headquarters. And then there is Caltrain which is the commuter rail that r

Re: CVV (was: Re: bloomberg on supermicro: sky is falling)

2018-11-08 Thread Scott Christopher
Mark Tinka wrote: > I hope the U.S. does catch-up. If we were swipe-based here, we'd all be > broke :-). I know a number of major merchants in the U.S. now use PIN's, > and I always stick to those when I travel there. In the U.S., pin codes are required for EFTPOS transactions (called debit) ove

Re: CVV (was: Re: bloomberg on supermicro: sky is falling)

2018-10-11 Thread Scott Christopher
Robert Kisteleki wrote: > (this is probably OT now...) > > > I'm pretty sure the "entire point" of inventing CVV was to prove you > > physically have the card. > > Except that it doesn't serve that purpose. Anyone who ever had your card > in their hands (e.g. waiters) can just write that down a

Re: Massive Price Increase for X-conns at Telehouse Chelsea, NYC

2018-09-19 Thread Scott Christopher
Christopher Morrow wrote: > Whether it actually 'costs' that much to pull a x-connect and maintain > that x-connect is probably not as important as 'gosh it's really hard > to be 'close' to ' right? which is what they are > capitalizing on here.> > Hank, how far away is the next closest large ne

Re: Massive Price Increase for X-conns at Telehouse Chelsea, NYC

2018-09-18 Thread Scott Christopher
Hank Nussbacher wrote: > On 18/09/2018 08:02, Christopher Morrow wrote: >> >> it's funny/possible that x-connect costs affect where peering appears >> in the landscape, right?> Not this time. Just price gouging since moving a >> number of cabinets > to a different location is a nightmare. Sure

Re: IPv4 Hijacking For Idiots

2018-02-01 Thread Scott Christopher
Scott Weeks wrote: > --- s...@xopher.net wrote: > From: Scott Christopher > > I think the solution is legislation + regulations. > - > > For sure dude, because, you know, they do such a > great job of all the other stuff they touch! >

Re: IPv4 Hijacking For Idiots

2017-06-07 Thread Scott Christopher
Mark Andrews wrote: > but we do have the tech to do this. I wholeheartedly agree. > All it takes is a couple of transit providers to no longer accept > word-of-mouth and > the world will transition overnight. This is the hard part. It seems trivial - being probably only a handful of transit

Re: IPv4 Hijacking For Idiots

2017-06-06 Thread Scott Christopher
Hank Nussbacher wrote: > 2. Create a domain called acme-corp.com and a user called peering Or one could register aсme.com (If the reader can't tell the difference between acme.com and aсme.com , the reader is using one of the multitude of email clients and/or fonts that presents Unicode poorly

Re: Russian diplomats lingering near fiber optic cables

2017-06-01 Thread Scott Christopher
Sean Donelan wrote: > But, its odd to send diplomats to remote areas of the country, if you are > not trying to survey geographic infrastructure in the middle of the > country. It's just "for show." If they really wanted to be invisible, they could do so without using diplomats - a group that

Re: Lille, France

2017-06-01 Thread Scott Christopher
Rod Beck wrote: > Altice is in the States and going public soon. They have been producing > superior financial results. Appears to know how to run these cable > networks better than the standard American management. They don't actually lay any cable though, nor do they build their own network. T

Cogent BGP Hijack

2017-05-23 Thread Scott Christopher
https://www.lowendtalk.com/discussion/114865/hetzner-and-other-traffic-passing-cogent-rerouted-over-moscow#latest A report that all Cogent traffic got re-routed into Moscow. Looks innocent but happened right after UA blocked RU websites (e.g., VKontakte, Yandex, etc) Any thoughts ? -- Regards,

Re: Financial services BGP hijack last week?

2017-05-02 Thread Scott Christopher
On Mon, May 1, 2017, at 10:49 PM, valdis.kletni...@vt.edu wrote: > I didn't see any mention of this here. Any comments? > > [...] > > https://arstechnica.com/security/2017/04/russian-controlled-telecom-hijacks-financial-services-internet-traffic/ Governments mopping up signals and data isn't a