[143875] in North American Network Operators' Group
Re: Prefix hijacking by Michael Lindsay via Internap
daemon@ATHENA.MIT.EDU (Arturo Servin)
Sat Aug 20 21:39:38 2011
From: Arturo Servin <arturo.servin@gmail.com>
In-Reply-To: <CAL+GGzE_Vi7nc3ye_Km+U+WZheMaihybtvZLa_89YydrvikQ7w@mail.gmail.com>
Date: Sat, 20 Aug 2011 22:39:00 -0300
To: Denis Spirin <noc@link-telecom.net>
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
What's the prefix you claim is hijacked?
/as
On 20 Aug 2011, at 22:05, Denis Spirin wrote:
> Hello All,
>=20
> I was hired by the Russian ISP company to get it back to the business. =
Due
> to impact of the financial crisis, the company was almost bankrupt, =
but then
> found the investor and have a big wish to life again.
>=20
> When I tried to announce it's networks, upstreams rejected to accept =
it
> because of Spamhaus listings. But our employer sworn there is not and =
was
> not any spamming from the company. The Spamhaus lists all our networks =
as
> spamming Zombies. And it IS announced and used now!!! The announce is =
from
> American based company Internap (AS12182). I wrote the abuse report =
them,
> but instead of stop unauthorized announces of our networks, I was =
contacted
> by a person named 'Michael Lindsay' - he tell me he buy our networks =
from
> some other people and demand we get back our abuse reports. Of course, =
we
> don't. After a short googling, I found this is well-known cyber crime
> person: http://www.spamhaus.org/rokso/listing.lasso?file=3D818&skip=3D0,=
and he
> did IP hijacking with the fake letter of authorization before:
> http://www.spamhaus.org/rokso/evidence.lasso?rokso_id=3DROK8686 so our =
company
> is not a first victim of him. Yes, our company "help" him with the =
mistake
> of loosing old domain link-telecom.biz he was also squatted. This =
domain was
> listed as contact at RIPE Database.
>=20
> It is a good topic why these easy-to-forge LOAs is still in use, as
> RADB/RIPE DB/other routing database with the password access is a =
common
> thing. But this is not the main thing. The main thing is why Internap =
helps
> to commit a crime to the well-known felony person, and completely =
ignores
> our requests? Is there any way to push them to stop doing that =
immediately?
> If anybody can - please help...
