Re: Washington Post: Atrivo/Intercage, why are we peering with the American RBN? (fwd)

[Jon Kibler <Jon.Kibler () aset com>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Gadi Evron wrote:
> fyi.
>
> Thoughts?

If you do a little more digging, there is another piece to the puzzle
that I believe is being under emphasized: ESTDomains. They appear to be
at least peripherally related to Atrivo/Intercage. From what I can see,
they appear to be registering domains for under cost. (I thought the
registrar's cost to register a .COM or .NET domain was about $6.50 to
Verisign and $0.20 ICANN, yet they advertise .NET domains for $5.89.)

Whereas it is relatively simple to blackhole an ISP, I am not aware of
any way to blackhole all the domains registered by a given registrar.
However, if there was, that may be a more effective solution than to
blackhole an ISP, because the blocking would follow the rogue domain to
wherever it moved its hosting to.

My $0.0002 worth.

Jon Kibler
- --
Jon R. Kibler
Chief Technical Officer
Advanced Systems Engineering Technology, Inc.
Charleston, SC  USA
o: 843-849-8214
c: 843-224-2494
s: 843-564-4224

My PGP Fingerprint is:
BAA2 1F2C 5543 5D25 4636 A392 515C 5045 CF39 4253


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAki43ywACgkQUVxQRc85QlOEhgCfU9PakhuO2BiXaUhOrp7LYi7o
7mkAnjmy9b/1B4Jk4VF+fZ/YN41MLEx7
=By2u
-----END PGP SIGNATURE-----




==================================================
Filtered by: TRUSTEM.COM's Email Filtering Service
http://www.trustem.com/
No Spam. No Viruses. Just Good Clean Email.

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.