[133878] in North American Network Operators' Group
RE: Spamhaus under DDOS from AnonOps (Wikileaks.info)
daemon@ATHENA.MIT.EDU (Frank Bulk - iName.com)
Sun Dec 19 18:26:23 2010
From: "Frank Bulk - iName.com" <frnkblk@iname.com>
To: <nanog@nanog.org>
In-Reply-To: <AANLkTi=sKdrMj+G2S_AhMCRUb38L=vCbcAYMV-7Oe4Ea@mail.gmail.com>
Date: Sun, 19 Dec 2010 17:26:13 -0600
Reply-To: frnkblk@iname.com
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
Thanks for your note and the many others. I think it could have been =
stated
more clearly that wikileaks.info, while in a bad neighborhood, and set =
up to
suggest it is Wikileaks or part of the Wikileaks organization, does not =
(at
this time) host or facilitate distribution of malware. The Spamhaus
announcement was not so clear.
Frank
-----Original Message-----
From: Paul Ferguson [mailto:fergdawgster@gmail.com]=20
Sent: Sunday, December 19, 2010 12:52 PM
To: frnkblk@iname.com
Cc: Jack Bates; nanog@nanog.org
Subject: Re: Spamhaus under DDOS from AnonOps (Wikileaks.info)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Not for nothing, but Spamhaus wasn't the only organization to warn about
Heihachi:
http://blog.trendmicro.com/wikileaks-in-a-dangerous-internet-neighborhood=
/
FYI,
- - ferg
On Sun, Dec 19, 2010 at 10:46 AM, Frank Bulk - iName.com
<frnkblk@iname.com> wrote:
> The wikileaks.info press release points to Google's Safe Browsing page
> for wikileaks.info
> (http://www.google.com/safebrowsing/diagnostic?site=3Dwikileaks.info),
> which comes up clean.
>
> While I tend to trust Steve and Spamhaus because of their built up
> reputation, it would be helpful if some concrete facts were published
> about the "more than 40 criminal-run sites operating on the same IP
> address as wikileaks.info, including carder-elite.biz, h4ck3rz.biz,
> elite-crew.net, and bank phishes paypal-securitycenter.com and
> postbank-kontodirekt.com." Any chance that will be done, so
> wikileaks.info's claims can be publicly
> refuted?
>
> Kind regards,
>
> Frank
>
> -----Original Message-----
> From: Jack Bates [mailto:jbates@brightok.net]
> Sent: Saturday, December 18, 2010 3:00 PM
> To: nanog@nanog.org
> Subject: Re: Spamhaus under DDOS from AnonOps (Wikileaks.info)
>
> On 12/18/2010 6:58 AM, Steve Linford wrote:
>> For trying to warn about the crime gangs located at the =
wikileaks.info
> mirror IP, Spamhaus is now under ddos by AnonOps. The criminals there =
do
> not like our free speech at all.
>>
>
> It appears that wikileaks.org is operational again and redirecting to
> mirros.wikileaks.info, which draws concern of who now controls
> wikileaks.org. .info definitely isn't the same layout as all the =
mirrors.
>
>
> Jack
>
>
>
>
-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.5.3 (Build 5003)
wj8DBQFNDlQ5q1pz9mNUZTMRAn5XAKC0O3ZNO51bnAX7D99SRRqR04QIQQCfZDwH
dQN8fG2TYk6RUFYplRAiHDE=3D
=3Dem1c
-----END PGP SIGNATURE-----
--=20
"Fergie", a.k.a. Paul Ferguson
=A0Engineering Architecture for the Internet
=A0fergdawgster(at)gmail.com
=A0ferg's tech blog: http://fergdawg.blogspot.com/
