In message <CALKLF0-g2Ni7tZ5toUZi9Ss_VWXOBL7BAeDUBmRo1TpCSJDuYg@mail.gmail.com> Alex Brooks <askoorb+nanog@gmail.com> you wrote:
I notice that you have been cross posting this message (though not responding on list to replies), for example to the RIPE NCC Anti-Abuse Working Group (http://www.ripe.net/ripe/groups/wg/anti-abuse)
I did post (singular) the message there also, and have seen no replies on that list that warrant any type of further follow up from me.
Although you have already been told this elsewhere, your best step after contacting the Romanian CIRT
I personally have no intention of contacting the Romanian CERT (or CIRT) for reasons I previously elaborated upon. But by all means, please feel free to do so yourself it you think it worthwhile. I have done the hard work to find, flesh out, document, and verify the problem/issue I reported on. I have tried to warn the people who matter, network operators and people in the RIPE area interested in network abuse issues. If other people feel that the message needs to be relayed to yet more parties, then that is up to them to effectuate. I have done all that I plan to do on this. (However I am willing to answer questions put to me, e.g. from people wanting to know the specific facts that led me to my conclusions. That is only fair, after all.)
is likely to be following the reporting procedure for the provision of untruthful information to the RIPE NCC at http://www.ripe.net/contact/reporting-procedure, which is a well defined procedure. RIPE NCC will investigate any report submitted though this procedure; there is a flowchart at this web address that clearly explains what will happen.
See above. I have done a great deal of work on this already. I leave it to other interested parties to file wharever additional reports they might feel are warranted or appropriate. I may be able to clear tall buildings with a single bound, but I can't do _everything_. (Besides which, why should _I_ have all the fun?) Separately however, I should perhaps also clarify that I have less than zero faith in _any_ process undertaken by _any_ RiR which has as its purported goal the un-doing of fradulent number resource registrations. I was not born yesterday. I have seen such processes in action, and it has been my experience that all such make molasses in January look fast by comparison... when they work at all. Furthermore, RiRs are not the Internet Police. Thus, whenever they find (or, more often, are told about) some number resource which has been registered or used via fraud, deceit, or artifice they have universally self-defined the limits of their own authority to simply taking back what was stolen. Never more. Thus, the most theives risk when they steal or defraud to obtain number resources is that somebody _might_ someday ask them to give what they stole back... and thus it may be easily demonstrated that the RiRs are effectively all castrated eunics with gigantic "kick me" signs on their backs. (When and if RIPE kicks JUMP.RO entirely off the net as a penalty for its part in these shenanigans... and others that have previously been documented..., then please do let me know and then I may change my mind and start believeing that RiRs are no longer acting like helpless hapless morons each time they have been clearly defrauded.) And of course, some (perhaps all) RiRs are more than happy to have the final remaining bits of IPv4 space defrauded out from under them so that they can press on with the business of selling us all IPv6. It is rather pointless to report something as stolen to an owner who doesn't seriously want it back anyway. But it's a free country. You can do whatever you like.
If you ever need to find the contact details for a European CSIRT,
Why would I ever need THAT?? Until convinced otherwise, I'm going to continue to view those folks as being more likely to be a part of the problem rather than part of the solution.
As this list is the North America Network Operators Group, it's unlikely that much in they way of action by RIPE NCC, Romanian authorities or other relevant authorities within the EU will happen as a result of a post here.
I know that. However I am also of the opinion that it is unlikely that much in the way of action by RIPE NCC, Romanian authorities or other relevant authorities within the EU will happen with respect to an issue like this NO MATTER WHAT because all of these organizations are far more adept at explaining why nothing can be done than they are at actually doing anything. By posting here, at least North American network operators can decide on their own to block routes from the relevant ASNs... or not, if they don't feel like it. That's something at least. I'm not an Internet Policeman. I'm not even an Internet Police informant. I'm an investigative journalist. As the old saying goes, if you don't like the news, then go out and make some of your own.
I hope this helps get you in touch with the right people to help.
I don't need any help. I posted here to try to help others, and I believe that I did. I don't feel any pressing need or desire to contact anyone else.
Best wishes,
Thank you. And to you! Regards, rfg