Security Incidents mailing list archives

RE: Re: China Experience ?

From: "Christopher Barker" <christopher.barker () mizuho-sc com>
Date: Wed, 24 Jul 2002 10:02:34 +0900

I tried to reply directly, but evidently Mr. "Alif the Terrible" is blocking
most APNIC address space:

... while talking to cliff.mfn.org.:

MAIL From:<christopher.barker () mizuho-sc com>

<<< 553 5.7.1 REJECTED - We no longer accept mail from Asia.

I'm in Tokyo so this means that no email from Japan can reach you. If you
have been doing this for a while, you may have even blackholed responses
from CNCERT. Are you dropping Australia as well? This could easily get out
of hand.

Chris Barker
christopher.barker () mizuho-sc com
Network Security
Mizuho Securities Co., Ltd.
Tokyo, Japan

-----Original Message-----
From: Alif The Terrible [mailto:measl () mfn org]
Sent: Wednesday, July 24, 2002 2:25 AM
To: kevin.chen
Cc: Paul Gear; incidents.13 () web-cities net; incidents () securityfocus com
Subject: Re: Re: China Experience ?



On Tue, 23 Jul 2002, kevin.chen wrote:

DEAR Paul Gear:

    Somebody feel that they cann't contact the china's  Response Team.
    But in china,there are many Response Teams which work to prevent the

balckhat.

    Your unawareness of their existances doesn't mean they are not there ,
    but only shows ur lack of understanding of them


Good Morning Mr. Chen,

        As a network operator of both small (> /20) [part time], and
large (< /17) networks, I have a few comments.

        While I agree that there are various CERT POCs that can be reached
with varying degrees of success for true CERT-level events, however, these
are not really the reason that I, and many others, have completely wiped .cn
IP space off of our respective Internet maps.

        The issue with .cn space is a complete, TOTAL lack of responsiveness
to the everyday issues: spam, scanning, the skript-kiddies who spend
*months*
at their Hax0r hobbies without being removed from the networks they inhabit,
etc.  I formally gave up on .cn IP space late last year on all networks
under
my direct control, as the effort (several hours a week of reports that
were all completely ignored) simply wasn't worth the return (the one or two
"real" connections a week we had with .cn space).

        Network operators in China seem to have forgotten that no network is,
or can be, forced to carry anybody's traffic.  And if I am going to carry
their traffic, their are going to HAVE to be responsive to my everyday
headaches (when those headaches live on .cn space).

        China (Chinanet in particular) is quickly removing itself from the
rest of the IP world by providing "safe harbor" to every form of miscreant
who is willing to pony up a few dollars/yen - and when China finally
realizes
that there is nobody left who is willing to carry their traffic, it will be
too late.

--
Yours,

J.A. Terranson
sysadmin () mfn org


----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com

Current thread:

Re: Re: China Experience ?, (continued)
- - Re: Re: China Experience ? Alif The Terrible (Jul 23)
    - Re: Re: China Experience ? Chris Brenton (Jul 23)
    - Re: China Experience ? euan (Jul 23)
    - Re: China Experience ? Jay D. Dyson (Jul 24)
    - Message not available
    - Re: China Experience ? euan (Jul 24)
    - Re: China Experience ? Chris Brenton (Jul 24)
    - Re: China Experience ? Ken Blinco (Jul 23)
    - Re: Re: China Experience ? Nick FitzGerald (Jul 24)
    - Re: Re: China Experience ? Russell Fulton (Jul 23)
    - Re: Re: China Experience ? Alif The Terrible (Jul 24)
    - RE: Re: China Experience ? Christopher Barker (Jul 24)
- Re: China Experience ? Steven M. Christey (Jul 23)
- RE: China Experience ? YAO,TONY (HP-NewZealand,ex1) (Jul 24)
- RE: Re: China Experience ? Alif The Terrible (Jul 24)