On Wed, 18 Dec 2024, Dan Mahoney wrote:
Hey there,
Dayjob recently got a report from compliance@tucows.com alleging that an old, historic bind9.tar.gz.asc (a plain-text checksum file) on ftp.isc.org is malware. It’s not. It’s a false positive.
Additionally, the URL they sent to vew the reporting material is http-only, and does not work, but it’s not hosted by tucows/hover, it’s hosted at http://url4091.abuse-report.pir.org, is http-only (what year is it?) and doesn’t work! Nor does that report actually come out and say what the file in question is, it’s only shown in an attached screenshot.
Given what recently happened to another important internet domain (one of our IP providers) being put on administrative hold due to basically one complaint of fraud, I am incredibly concerned.
I’ve been in touch with the registrar that holds our domain name about this (Hover/Tucows), and I’ve got a direct line with the CTO, but I need assurances that this will not lead to obnoxious actions, a week before Christmas.
-Dan (From personal address, but with very much DayJob hat on)
Whoops, helps to add: email dmahoney at isc org (but cc ray@) phone 703-DEV-24x7 (txt/imessage, but identify yourself in the first volley) -Dan --