Sounds like your place is where the spammers should camp out.... Here I know we have eaten costs of term liability and cancelled contracts more than the dollar figures you have mentioned below to keep the net clean. Sad that it appears you may not be willing to put the money where your mouth is. If anyone sees us (2914) routing space of this sort and does not get a favorable response let me know in private. I will personally follow up on any issues. I may not be able to respond due to customer privacy issues but surely we need to be aware of badness so we can clean it up. Hope you are in the same position to clean up and terminate people that pose the risk to the Internet. Jared Mauch On Aug 13, 2010, at 5:25 PM, Ken Chase <ken@sizone.org> wrote:
On Fri, Aug 13, 2010 at 05:00:04PM -0400, Jared Mauch said:
I know of several large providers that would stop routing such "rogue" space.
Really? They'd take a seriously delinquent (and we're only talking about non payment after several months to Arin, not spammers or other 'criminal' elements) that's still paying for their transit and cut off their prefix announcements? I dont know that that's true for most outfits in these tough times. Nixing a $5000 or $10000+ MRC revenue stream probably requires some hard thought at high levels in most outfits.
Any provider that isn't prepared to deal with such a possible customer threat or problem you don't want to be associating with. They likely harbor other badness as well.
Possibly, but this isnt that much of a gateway drug. I know lots of companies in a financial crunch right now, and if losing the i-a.a reverse is the only effect of being late on a payment 'til the sun starts shining again' when their own customers start making good on old invoices, then I think many others would choose to delay paying ARIN instead.
When things get tough, payables are readily triaged into high and low priority. Perhaps NOC peeps on this list arent exposed to such decisions made in other departments - we run a small operation here so we're all part of such things. Some harsh realities in business sometimes!
In many cases I suspect ARIN ends up as low priority, without any criminal mindset in operation putting them there - some of these operators might even be altruistically thinking of their employees too - we know how fast service goes stale in a multi-day outtage - losing connectivity may mean employees are soon not paid and literally go hungry. So most outfits will pay their upstreams before ARIN - and they can keep their revenue streams going and pay their employees - and in the long run, one day maybe pay ARIN too. Who disagrees? Go from that example to paying for power/colo, phone, etc and tell me where ARIN is on your triage list during a cashflow event.
It may take some time to catch up to them but we have seen more of these rogue elements end up with people refusing to sell to them or law enforcement taking some action.
I know of a few such entities that are semi-chronically late in paying ARIN, but they still havent taken on spammers or Chinese intelligence operations/cyberwar plaforms as customers yet, despite your broken broken window/gateway drug analogy. It aint all black and white, there's lots of gray out there, and organizations that are forced into unfortunate circumstance through current economics, possibly mismanagement and cluelessness too, but without any malice at work.
If your management does not realize they are buying from possible criminals, you get what you pay for.
If the criminals all wore t shirts that said they're part of the club that'd be easy. When a company is having a cashflow issues, I'd say they're just in a very big club. If they manage to pay me, I dont ask any questions about the ethics of their triaging of other payables.
I've found a number of cases where providers are actually doing mitm and stealing SIP credentials for fraud. Make sure you actually have good controls and communication for when things hit the fan....
Examples of shitty fans, and controls? just want a better idea of what you're referring to.
/kc -- Ken Chase - ken@heavycomputing.ca - +1 416 897 6284 - Toronto CANADA Heavy Computing - Clued bandwidth, colocation and managed linux VPS @151 Front St. W.