funsec mailing list archives
Re: Security Fix: Updates on Atrivo/Intercage
From: cracker () gmail com
Date: Mon, 8 Sep 2008 11:05:28 -0400
Just heard from Bandcon. They claim they have also stopped routing for Intercage/Atrivo, but for whatever reason the route tables don't reflect that yet b/c of some problem with their routers. Anyway, it appears now that WVFiber is the only one keeping Atrivo on the Web, and they're set to cut them off by Thurs. at the latest. On Mon, Sep 8, 2008 at 8:55 AM, Matt Jonkman <jonkman () jonkmans com> wrote:
Definitely (finally) a mark in the win column for the good guys!!! Matt Paul Ferguson wrote:Brian Krebs add some late updates to his "Security Fix" article from Friday 5 September 2008: [snip] Update, Sunday, Sept. 7, 8:02 p.m.: I spoke today with Randy Epstein, president of WVFiber and co-founder of Host.net, which acquired WVFiber just six weeks ago. Epstein said after reading reports from Security Fix, Hostexploit.com, Spamhaus.org and others about cyber crime activities at Atrivo, WVFiber has decided to drop Atrivo as a customer. WVFiber planstostop providing upstream connectivity to Atrivo by Wednesday or Thursdayatthe latest, Epstein said. That would leave Atrivo with just a single upstream provider -- Bandcon. Update, Sunday, Sept. 7, 9:15 p.m.: nLayer Communications, a company that owns a significant slice of the Internet addresses used by Atrivo/Intercage, is demanding that Atrivo vacate the space and returntheaddresses by Sept 30. "Atrivo/Intercage has not been a direct customer of nLayer Communications since December 2007, but they still have some legacy reallocations fromourIP space," wrote nLayer co-founder Richard A. Steenbergen, in an e-mailtoSecurity Fix. "Since they are no longer a customer, we require that they return our non-portable IP space, and have given them a deadline of September 30th to do so. If the IP space is not returned by that point,wewill follow standard procedure to reclaim it, including null routing the space, and sending cease and desist letters to any network who still transits it without our permission." According to Steenbergen, Atrivo/Intercage must return roughly 7,400 IP addresses. [snip] Ref:http://voices.washingtonpost.com/securityfix/2008/09/scam-heavy_us_isp_grows_more_i.html FYI, - ferg-- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawg(at)netzero.net ferg's tech blog: http://fergdawg.blogspot.com/ _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list. -- -------------------------------------------- Matthew Jonkman Emerging Threats Phone 765-429-0398 Fax 312-264-0205 http://www.emergingthreats.net -------------------------------------------- PGP: http://www.jonkmans.com/mattjonkman.asc _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Security Fix: Updates on Atrivo/Intercage Paul Ferguson (Sep 07)
- Re: Security Fix: Updates on Atrivo/Intercage Matt Jonkman (Sep 08)
- Re: Security Fix: Updates on Atrivo/Intercage cracker (Sep 08)
- Re: Security Fix: Updates on Atrivo/Intercage cracker (Sep 08)
- Re: Security Fix: Updates on Atrivo/Intercage cracker (Sep 08)
- Re: Security Fix: Updates on Atrivo/Intercage Matt Jonkman (Sep 08)