Posts Tagged: American Registry for Internet Numbers


19
Apr 17

Tracing Spam: Diet Pills from Beltway Bandits

Reading junk spam messages isn’t exactly my idea of a good time, but sometimes fun can be had when you take a moment to check who really sent the email. Here’s the simple story of how a recent spam email advertising celebrity “diet pills” was traced back to a Washington, D.C.-area defense contractor that builds tactical communications systems for the U.S. military and intelligence communities.

atballYour average spam email can contain a great deal of information about the systems used to blast junk email. If you’re lucky, it may even offer insight into the organization that owns the networked resources (computers, mobile devices) which have been hacked for use in sending or relaying junk messages.

Earlier this month, anti-spam activist and expert Ron Guilmette found himself poring over the “headers” for a spam message that set off a curious alert. “Headers” are the usually unseen addressing and routing details that accompany each message. They’re generally unseen because they’re hidden unless you know how and where to look for them.

Let’s take the headers from this particular email — from April 12, 2017 — as an example. To the uninitiated, email headers may seem like an overwhelming dump of information. But there really are only a few things we’re interested in here (Guilmette’s actual email address has been modified to “ronsdomain.example.com” in the otherwise unaltered spam message headers below): Continue reading →


7
Apr 10

ISP Privacy Proposal Draws Fire

A proposal to let Internet service providers conceal the contact information for their business customers is drawing fire from a number of experts in the security community, who say the change will make it harder to mitigate the threat from spam and malicious software.

The American Registry for Internet Numbers (ARIN) — one of five regional registries worldwide that is responsible for allocating blocks of Internet addresses – later this month will consider a proposal to ease rules that require ISPs to publish address and phone number information for their business customers.

The idea has support from several ISPs that claim the current policy forces ISPs to effectively publish their customer lists.

“I operate in a very competitive business, and there are instances where I can show that my competitors have gone out and harvested customers’ contact information and used that to try to take those customers away,” said Aaron Wendel, chief technical officer at Kansas City based Wholesale Internet Inc., and the author of the proposal. “I have yet to find another private industry that is not government-related that requires you to make your customer lists publicly available on the Internet.”

Critics of the plan say it will only lead to litigation and confusion, while aiding spammers and other shady actors who obtain blocks of addresses by posing as legitimate businesses.

Continue reading →