[149121] in North American Network Operators' Group
Re: US DOJ victim letter
daemon@ATHENA.MIT.EDU (bmanning@vacation.karoshi.com)
Sat Jan 28 11:32:10 2012
Date: Sat, 28 Jan 2012 16:30:47 +0000
From: bmanning@vacation.karoshi.com
To: Martin Hannigan <hannigan@gmail.com>
In-Reply-To: <CAMDXq5OiJ-gXeZW=MmLCD_PznnHyGfHjiMs=i1k2e_b1-S27OA@mail.gmail.com>
Cc: "nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Fri, Jan 27, 2012 at 10:20:08PM -0500, Martin Hannigan wrote:
> On Fri, Jan 27, 2012 at 1:32 PM, Randy Epstein <nanog@hostleasing.net> wrote:
> >
> >
> > On 1/27/12 1:23 PM, "Valdis.Kletnieks@vt.edu" <Valdis.Kletnieks@vt.edu>
> > wrote:
> >
> >>On Fri, 27 Jan 2012 13:16:27 EST, Bryan Horstmann-Allen said:
> >>
> >>> Bit odd, if it's a phish. Even more odd if it's actually from the Fed.
> >>
> >>What if it's a phish from a compromised Fed box? :)
> >
> > We've spoken to folks at various FBI field offices and at 26 Plaza in New
> > York which is handling this case. Further, John Curran (ARIN CEO) has
> > confirmed it's real via their own liaison and Paul Vixie is actually
> > working with them on this.
> >
>
>
> It's definitely real.
>
> Best,
>
> -M<
>
I missed the part where ARIN turned over its address database w/ associated
registration information to the Fed ... I mean I've always advocated for
LEO access, but there has been significant pushback from the community on
unfettered access to that data. As I recall, there are even policies and
processes to limit/restrict external queries to prevent a DDoS of the whois
servers. And some fairly strict policies on who gets dumps of the address
space. As far as I know (not very far) bundling the address database
-and- the registration data are not available to mere mortals.
So - just how DID the Fed get the data w/o violating ARIN policy?
/bill