Re: IP Addresses from a different region
That's a fair point David. I can't of course start naming our clients. I could harp on about how they are a multinational, running legimate operations and blah blah blah.. But you'd only have my word for it. So you'll just have to take my word for the fact that we run an operational that comes down hard on nefrarious activities. Sorry. Sam On Thu, 19 Jan 2006, David Ulevitch wrote:
Be wary.
Who is this client? Some of us in the security abuse world wouldn't mind a heads up...
-david
On Jan 19, 2006, at 6:20 AM, Sam Stickland wrote:
Hi,
Long story short... I'm under some considerable pressure from management to obtain a /24 of addresses from ARIN. We are a UK based ISP that are, of course, members of RIPE. Is this possible? If I approach one of ARIN's LIRs can they obtain ARIN PI space for our client, and are their any volunteers? Or, is it the case, that being outside of ARIN's geographic reach that we can't approach them?
Short story long... This is for a client that currently has a USA based operation, that wants to consolidate everything in one of our colo centres. Their USA servers are involved in some of kind advertising system that attempts to do geographic location based on the IP address prefix. I am assured that traceroutes, SWIP data, and AS number play no part in this geographic lookup.
The client insists that they must have addresses from a prefix that appear to have been allocated by ARIN for this system to continue to work. The language barrier between us has been scrupering attempts by me to get more techincal information from them.
As usual management are interested in "solutions not problems" ;) and this deal is worth quite a bit of money. I hate to be contributing to the ever increasing PI swamp space, but unfortunately I don't pay my own wages.
Any suggestions?
Sam
On Thu, 19 Jan 2006 15:11:18 GMT, Sam Stickland said:
I can't of course start naming our clients. I could harp on about how they are a multinational, running legimate operations and blah blah blah.. But you'd only have my word for it. So you'll just have to take my word for the fact that we run an operational that comes down hard on nefrarious activities. Sorry.
Well, Sam's organization, if it was black hat, *could* just have hijacked the space and announced it anyhow. The fact he asked on NANOG means either: 1) He's on the level. 2) He's a really stupid black hat. 3) He's a really clever black hat applying misdirection of some sort. ;)
On Jan 19, 2006, at 8:08 AM, Valdis.Kletnieks@vt.edu wrote:
On Thu, 19 Jan 2006 15:11:18 GMT, Sam Stickland said:
I can't of course start naming our clients. I could harp on about how they are a multinational, running legimate operations and blah blah blah.. But you'd only have my word for it. So you'll just have to take my word for the fact that we run an operational that comes down hard on nefrarious activities. Sorry.
Well, Sam's organization, if it was black hat, *could* just have hijacked the space and announced it anyhow. The fact he asked on NANOG means either:
1) He's on the level. 2) He's a really stupid black hat. 3) He's a really clever black hat applying misdirection of some sort. ;)
[ The fact that my message was offlist aside... ] I don't doubt Sam at all but even the best of organizations or the best of tech clue and the worst of sales clue can bring nefarious users into an otherwise whitehat colo/isp/whatever. Also, from a research standpoint I'm curious as to why this organization thinks they need ARIN IP space to do what they do. Most of us know that's probably not true. I keep pretty close tabs on ongoing research in network location based services, dns mapping, online advertising, etc. I just smell BS or something really new and unique and am curious in either case. There is some good research going on in this space though (location based determinations): http://www.coralcdn.org/oasis/ (presenting at CodeCon) http://www.cs.cornell.edu/People/egs/Meridian/ just to name a couple... -davidu
Also, from a research standpoint I'm curious as to why this organization thinks they need ARIN IP space to do what they do. Most of us know that's probably not true. I keep pretty close tabs on ongoing research in network location based services, dns mapping, online advertising, etc. I just smell BS or something really new and unique and am curious in either case.
One possibility: Traditional media deals are frequently done based on geographic regions. The momentum of these deals is being carried over into cyberspace where people are attempting to enforce such deals based on prefix analysis. The request here sounds like is an attempt to avoid creating yet another exemption in prefix analysis. Whether this is for deceptive purposes or not is left to the reader. From a systems perspective, to me it seems somewhat unproductive to shift a policy exemption on address filtering to an address allocation exemption. Either way, you have one-off complexity. Regards, Tony
participants (4)
-
David Ulevitch
-
Sam Stickland
-
Tony Li
-
Valdis.Kletnieks@vt.edu