[128652] in North American Network Operators' Group
Re: Lightly used IP addresses
daemon@ATHENA.MIT.EDU (Jared Mauch)
Fri Aug 13 18:23:01 2010
In-Reply-To: <20100813212544.GJ2582@sizone.org>
From: Jared Mauch <jared@puck.nether.net>
Date: Fri, 13 Aug 2010 18:21:56 -0400
To: Ken Chase <ken@sizone.org>
Cc: "nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
Sounds like your place is where the spammers should camp out....
Here I know we have eaten costs of term liability and cancelled contracts mo=
re than the dollar figures you have mentioned below to keep the net clean. S=
ad that it appears you may not be willing to put the money where your mouth i=
s.=20
If anyone sees us (2914) routing space of this sort and does not get a favor=
able response let me know in private. I will personally follow up on any iss=
ues. I may not be able to respond due to customer privacy issues but surely w=
e need to be aware of badness so we can clean it up.=20
Hope you are in the same position to clean up and terminate people that pose=
the risk to the Internet.=20
Jared Mauch
On Aug 13, 2010, at 5:25 PM, Ken Chase <ken@sizone.org> wrote:
> On Fri, Aug 13, 2010 at 05:00:04PM -0400, Jared Mauch said:
>> I know of several large providers that would stop routing such "rogue" sp=
ace.=20
>=20
> Really? They'd take a seriously delinquent (and we're only talking about n=
on
> payment after several months to Arin, not spammers or other 'criminal'
> elements) that's still paying for their transit and cut off their prefix
> announcements? I dont know that that's true for most outfits in these toug=
h
> times. Nixing a $5000 or $10000+ MRC revenue stream probably requires some=
> hard thought at high levels in most outfits.
>=20
>> Any provider that isn't prepared to deal with such a possible customer
> threat or problem you don't want to be associating with. They likely harb=
or
> other badness as well.
>=20
> Possibly, but this isnt that much of a gateway drug. I know lots of compan=
ies
> in a financial crunch right now, and if losing the i-a.a reverse is the on=
ly
> effect of being late on a payment 'til the sun starts shining again' when
> their own customers start making good on old invoices, then I think many
> others would choose to delay paying ARIN instead.=20
>=20
> When things get tough, payables are readily triaged into high and low
> priority. Perhaps NOC peeps on this list arent exposed to such decisions m=
ade
> in other departments - we run a small operation here so we're all part of s=
uch
> things. Some harsh realities in business sometimes!
>=20
> In many cases I suspect ARIN ends up as low priority, without any criminal=
> mindset in operation putting them there - some of these operators might ev=
en
> be altruistically thinking of their employees too - we know how fast servi=
ce
> goes stale in a multi-day outtage - losing connectivity may mean employees=
are
> soon not paid and literally go hungry. So most outfits will pay their
> upstreams before ARIN - and they can keep their revenue streams going and p=
ay
> their employees - and in the long run, one day maybe pay ARIN too. Who
> disagrees? Go from that example to paying for power/colo, phone, etc and t=
ell
> me where ARIN is on your triage list during a cashflow event.
>=20
>> It may take some time to catch up to them but we have seen more of these
> rogue elements end up with people refusing to sell to them or law
> enforcement taking some action.
>=20
> I know of a few such entities that are semi-chronically late in paying ARI=
N,
> but they still havent taken on spammers or Chinese intelligence
> operations/cyberwar plaforms as customers yet, despite your broken broken
> window/gateway drug analogy. It aint all black and white, there's lots of g=
ray
> out there, and organizations that are forced into unfortunate circumstance=
> through current economics, possibly mismanagement and cluelessness too, bu=
t
> without any malice at work.
>=20
>> If your management does not realize they are buying from possible
> criminals, you get what you pay for.
>=20
> If the criminals all wore t shirts that said they're part of the club that=
'd be easy.
> When a company is having a cashflow issues, I'd say they're just in a very=
big club.
> If they manage to pay me, I dont ask any questions about the ethics of the=
ir triaging
> of other payables.
>=20
>> I've found a number of cases where providers are actually doing mitm and
> stealing SIP credentials for fraud. Make sure you actually have good
> controls and communication for when things hit the fan....
>=20
> Examples of shitty fans, and controls? just want a better idea of what you=
're referring
> to.
>=20
> /kc
> --=20
> Ken Chase - ken@heavycomputing.ca - +1 416 897 6284 - Toronto CANADA
> Heavy Computing - Clued bandwidth, colocation and managed linux VPS @151 Fron=
t St. W.
