nanog mailing list archives
Re: IPv4 squatters on the move again?
From: Suresh Ramasubramanian <ops.lists () gmail com>
Date: Tue, 7 Sep 2010 20:19:08 +0530
Yeah. This is just the way snowshoe spammers operate - GRE or VPN tunnels back to a master server, and a /24 full of output points with throwaway hostnames / reverse dns On Tue, Sep 7, 2010 at 8:05 PM, Jon Lewis <jlewis () lewis org> wrote:
I haven't seen that excuse/justification from customers. What I did see recently that I have to admit was very slick was a customer who claimed they were going to be doing a bunch of remote "terminals" in stores VPN'd into their dedi servers and would be streaming video from the servers to the clients. This was of course 99% BS. There was VPN involved....they used the dedi servers as VPN endpoints for their spam servers that were hosted elsewhere. When we shut them down, there was absolutely nothing incriminating of spam operations on their servers...and all they had to do was sign up for service at another hosting company, setup the VPN server, change the IPs their spam servers VPN to, and they're back in business. When sales brought me their initial request, I really didn't believe it, but I didn't have good enough cause to reject it.
-- Suresh Ramasubramanian (ops.lists () gmail com)
Current thread:
- IPv4 squatters on the move again? Tero Toikkanen (Sep 07)
- Re: IPv4 squatters on the move again? Jeffrey Lyon (Sep 07)
- Re: IPv4 squatters on the move again? Jon Lewis (Sep 07)
- Re: IPv4 squatters on the move again? Christopher Morrow (Sep 07)
- Re: IPv4 squatters on the move again? Jon Lewis (Sep 07)
- Re: IPv4 squatters on the move again? Suresh Ramasubramanian (Sep 07)
- Re: IPv4 squatters on the move again? Christopher Morrow (Sep 07)
- Re: IPv4 squatters on the move again? Jon Lewis (Sep 07)
- Re: IPv4 squatters on the move again? Jeffrey Lyon (Sep 07)
- RE: IPv4 squatters on the move again? Tero Toikkanen (Sep 07)