New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
Still, ARIN being out made IP prices hike... yet again.
(btw, it would be nice to have some snow falling down in Stallion... would make it more pleasant for the holiday season)
SWIP range, tell Spamhaus to fuck off, why would it be my problem what a SWIPed customer does with an IP network he owns (read: not rent)?
I guess that ties their hands, no way they could escalate the case to force the hand of DC.... >_>
I'm guessing you're talking mostly about if you're in the RIPE region and you're simply a broker?
Francisco
Good luck trying to contact a "SpamHaus Support Representative." They f*cked my beautiful /24 and it took 14 months for the removal ._.
For example, yes.
Also, from what i've seen in the last weeks/months, SH is now just a revenge platform anyway that tries to play "internet super hero":
Case one, an ISP had some listings which took weeks to be removed after SH decided to ignore the SWIP/abuse-c - which was not just SWIP but the actual RIPE LIR owner - and sent abuse to ASN that announces it (scraped from WHOIS, likely not even an abuse email address) which was not replied to and they escalated to a /24+.
Now, after removal, they found someone else spamming on the same ASN - which is a large DC and said ISP is just a customer of - and guess who they listed? Right, that ISP, not the DC or the owner as per SWIP - They cherry picked the last listed ISP in the same DC and just attributed a /24 from a whole other LIR, with whole other SWIP to them just due to using the same ASN... the abuse was never sent to the IP block owner and they will "escalate" it to this ISPs prefixes at one point without even seeing that this ISP has simply absolutely nothing to do with it...
Other case - ISP rents out /23 to legitimate customer (verified and shit, even have passport), customer starts spamming after a week - SH lists block and sends abuse, SWIP is removed and prefix nulled/removed from BGP within a few hours (not even 12). Ok, so far. Now contact SH to remove the listing - which gets ignored for 4+ weeks as "punishment" for customer choice while all other tickets from other listings/companies (verified!) are replied to within minutes-hours by senior SH staff...
Last case for now.... what Fran meant:
Carrier sells a /16 to ISP A - transfer via RIR, legacy. Transfer completed, RIR DB entry changed.
ISP A splits this /16 into 4 /18 and sells them to 3 different companies (among them ISP - SWIP is changed at RIR while transfer is in progress. Space is transferred and all is good. ISP B sells (not rent) a /21 to a colo customer which is not RIR moved but SWIPed only. ISP B rents a /24 to an end-user which is also SWIPed. End-user sells VPS with /29 (non-SWIPed) to spammer, which gets a single IP listed.
Simple, daily occurring, case - Now, who should be listed and escalated?
Correct - imo - would be this:
SWIP on IP (end-user) (/26 RIPE object, status legacy) - SWIP on /24 - SWIP on /21 - SWIP on /18 - ASN owner
Done was around this:
SWIP on /21 listed as owner, abuse sent to /18 owner (largest object in RIR DB, thus their scraper is broken), FWDd contact data of colo customer (as of SWIP) - SWIP on /24 listed, abuse sent to /21 owner (???) - SWIP on /26 listed, finally sent to correct owner...
tl;dr i don't like SH much.