One of our clients sustained a severe SMTP DDOS attack on New Years' Day. The DDOS was caused by a bulk mailing which had forged their domain name in the return address. The attack was staged over several days from dial-up lines at fast.net (Bethlehem, PA). We contacted fast.net shortly after the massmail began but it continued unabated for two additional days. Some of the source IPs were eventually listed by MAPS and Wirehub and they're still listed to this date. 5 minutes after our call to fast.net's support desk we tracked a portscan from one of their netblocks (206.245.164.0-206.245.164.255, Internet Unlimited, at nearly the same address in Bethlehem, PA). A quick check of the reverse DNS revealed nearly exclusive use by porn, throw-away, and otherwise spam domains. Though we're still tabulating damages and collecting evidence it appears the DDOS was hosted by and allowed to continue unabated by fast.net (aka iuinc.com) after they had knowledge of the problem, knowledge of its source, and knowledge of its effects. Since fast.net/iuinc.com has not replied to our email or phone calls we're looking for anyone with information on this company, its owners or operators, and any history of network or SMTP abuse. All help will be appreciated and kept confidential. Thanks in advance, -- Roger Marquis Roble Systems Consulting http://www.roble.com/
--On Sunday, January 19, 2003 05:35:13 PM -0800 Roger Marquis <marquis@roble.com> wrote:
Since fast.net/iuinc.com has not replied to our email or phone calls we're looking for anyone with information on this company, its owners or operators, and any history of network or SMTP abuse. All help will be appreciated and kept confidential.
Fastnet is a publicly owned company that recently went on a buying spree and purchased (among others) Applied Theory and Earthstation NetAXS. You should be able to find contacts from NetAXS (unless Tony has moved on...)
'n confused. I thought AppliedTheory (was CRL) was bought by Clearblue which later aquired part in Navisite and later had Navisite aquire most of Clearblue (sounds weird, I know). Now appliedtheory.com goes to navisite, so I assumed appliedtheory was aquired as part of clearblue, (if it wasn't why the website going there)? So is its history: crl->appliedtheory->clearblue->navisite->fastnet
Fastnet is a publicly owned company that recently went on a buying spree and purchased (among others) Applied Theory and Earthstation NetAXS.
--On Sunday, January 19, 2003 05:35:07 PM -0800 "william@sokol.elan.net" <william@sokol.elan.net> wrote:
'n confused. I thought AppliedTheory (was CRL) was bought by Clearblue which later aquired part in Navisite and later had Navisite aquire most of Clearblue (sounds weird, I know). Now appliedtheory.com goes to navisite, so I assumed appliedtheory was aquired as part of clearblue, (if it wasn't why the website going there)? So is its history:
crl->appliedtheory->clearblue->navisite->fastnet
Not sure of the full history, but http://www.fast.net/news/files/060302-pr.pdf
At 10:00 PM 1/19/2003, John Payne wrote:
--On Sunday, January 19, 2003 05:35:07 PM -0800 "william@sokol.elan.net" <william@sokol.elan.net> wrote:
'n confused. I thought AppliedTheory (was CRL) was bought by Clearblue which later aquired part in Navisite and later had Navisite aquire most of Clearblue (sounds weird, I know). Now appliedtheory.com goes to navisite, so I assumed appliedtheory was aquired as part of clearblue, (if it wasn't why the website going there)? So is its history:
crl->appliedtheory->clearblue->navisite->fastnet
Not sure of the full history, but http://www.fast.net/news/files/060302-pr.pdf
As a Clearblue customer, I can confirm that all the Applied Theory stuff seems to be gone now from the support pages. (The same functionality is there, but the appliedtheory.com URL's have all been changed to clearblue.com names) Some of the stuff looks pretty cool - being able to monitor from a website your rack's temperatures, voltages, the datacenter's UPS and generator statuses, etc... Unfortunately it's all "coming soon"(unless you're in Syracuse), and has been for at least 6 months. Applied Theory was also supposed to be doing port, application and server monitoring, which seems to overlap with what Navisite offers, so that may have something to do with its departure.
participants (4)
-
John Payne
-
Kevin Day
-
Roger Marquis
-
william@sokol.elan.net