funsec mailing list archives
Re: Russian Business Network: Shadowy Firm Seen as Conduit for Cybercrime
From: "Dude VanWinkle" <dudevanwinkle () gmail com>
Date: Sat, 13 Oct 2007 20:16:01 -0400
On 10/13/07, Paul Ferguson <fergdawg () netzero net> wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Most excellent. Brian Krebs writes in The Washington Post: [snip]
<Map if IP's> http://blog.washingtonpost.com/securityfix/rbn.html Does anyone know what the color coding is representative of? I assume RBN is the red ovoids, but would like to validate that. <sorry for the uninformed question but..> Is it easy to grep whois for RBN? Is the way this reporter found out which IP's they are using being kept secret due to some evasion technique? I would be willing to block them from 3 and 1/2 class B's if the information was verifiable and reliable. Its a very large representation of the Internet, but its a start. -JP<the cheesy>
Law enforcement agencies say these kinds of Internet companies are able to thrive in countries where the rule of law is poorly established. "It is clear that organized cybercrime has taken root in countries that don't have response mechanisms, laws, infrastructure and investigative support set up to respond to the threat quickly," said Ronald K. Noble, secretary general of Interpol, an organization that facilitates transnational law enforcement cooperation. He declined to discuss the Russian Business Network specifically. The company isn't a mainstream Internet service provider, as Comcast and Verizon are. Rather, it specializes in offering Web sites that will remain reachable on the Internet regardless of efforts to shut them down by law enforcement officials -- so-called bulletproof hosting. Though there are thousands of Web sites that bear the Russian Business Network name on registration records, the company is unchartered and has no legal identity, computer security firms say. [snip] More: http://www.washingtonpost.com/wp-dyn/content/article/2007/10/12/AR200710120 2461.html Also: "Taking on the Russian Business Network" http://blog.washingtonpost.com/securityfix/2007/10/taking_on_the_russian_bu siness.html "Mapping the Russian Business Network" http://blog.washingtonpost.com/securityfix/2007/10/mapping_the_russian_busi ness_n.html Kudos to Brian on this in-depth exposé. - - ferg -----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.6.3 (Build 3017) wj8DBQFHEERIq1pz9mNUZTMRAsS/AJ9ZNT6kFuRClhybU9lse/foEGALigCeJc6x pLjb1z5wS45+uD7E/CJo9bY= =dFC1 -----END PGP SIGNATURE----- -- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawg(at)netzero.net ferg's tech blog: http://fergdawg.blogspot.com/ _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Russian Business Network: Shadowy Firm Seen as Conduit for Cybercrime Paul Ferguson (Oct 12)
- Re: Russian Business Network: Shadowy Firm Seen as Conduit for Cybercrime Dude VanWinkle (Oct 13)
- Re: Russian Business Network: Shadowy Firm Seen as Conduit for Cybercrime Dennis Brown (Oct 13)
- Re: Russian Business Network: Shadowy Firm Seen as Conduit for Cybercrime Dude VanWinkle (Oct 13)