---------- Forwarded message ---------- From: noc acrino <noc.akrino@gmail.com> Date: 2009/11/6 Subject: Re: Interesting Point of view - Russian police and RIPE accused of aiding RBN To: Jeffrey Lyon <jeffrey.lyon@blacklotus.net> Thanks for the quick answer, Jeffrey. 2009/11/6 Jeffrey Lyon <jeffrey.lyon@blacklotus.net> Kanak,
It's good to see you here. The primary issue is that we receive a fair deal of customers who end up with wide scale DDoS attacks followed by an offer for "protection" to move to your network. In almost every case the attacks cease once the customer has agreed to pay this "protection" fee. Every one of these attacks was nearly identical in signature.
I would be very grateful if you provide the history of those communications
- in fact we have never organized the DDoS-attacks ourselves, it's just nonsense. Our AS is ready for any public testing to see what we are really doing. I realize the fact that none of the normal network operators have any instruments to organize a heavy DDoS-attack but a single web-engineer can test any web-server in our network to see the algorithms of traffic analyzing and attacks mitigation.
A couple of years back we followed up on this and a handful of trusted security analysts who focus on RBN alleged that Akrino was an RBN shill network thus prompting the spawn of this article:
http://www.computerworld.com/s/article/9063418/Russian_hosting_network_runni... .
Since first seeing your network arise in early 2008 i've never actually seen anyone claim to own it and a Google search for your name and ASN were completely devoid of any useful information. The ASN and IP assignment are registered to a BVI offshore corporation that based on my research do not seem to correlate to any legitimate commercial activity. All of these things seem to support the Computerworld article.
And as I've already mentioned, we're forced to hide because of the personal security. ( We can provide the documents concerning our activity only after an official request obligating the requesting organization to keep this data
I'm sorry, in this article there's no concrete reference to Akrino Networks. And no evidence that we're affiliated. I would ask any person of the maillist to check the domain history (for example, using domaintools.com) to see whether the A-records of those domains (for example, TheCanadianMeds.com and OfficialMedicines.com) have ever been bind to Akrino Networks. I must buy some extra service units to make this kind of report - if you wait I'll be ready in a few days. And anyway this also won't be a proof of evidence - the malefactor could do this binding specially but we have never served these A-records. I'd be grateful if you show any current problems concerning this AS, let's investigate the issue together. We not long ago closed a number of spam sources within our networks (yes, there really were a few problem clents) in collaboration with the Spamhaus team and we are always ready to help our colleagues if there's a need to. privately. Why have I written only now? I've discovered this claim now by chance and have been greatly disappointed. Now I have to prove that Akrino Networks has nothing to do with RBN and I can't even imagine a more comical and at the same time weird situation.
I would love to be proven wrong on this issue as I do not like to see a good net op ostracized without just cause. Perhaps your reseller(s) are giving you a bad name? Either way I would love to chat, feel free to Skype: blacklotus.net .
Thank you for this proposition, I'll contact you tomorrow.
Kanak Akrino Abuse Team