Network News

X My Profile
View More Activity

'Network Identity Theft' Politely Avenged

A massive swath of some 65,536 unique Internet addresses that appear to have been swiped from early Internet pioneers by a convicted spammer has been reclaimed by Internet regulators, Security Fix has learned.

In April, Security Fix reported that a huge block of Internet addresses once assigned to San Francisco Bay Packet Radio -- an organization that was involved way back in the 1970s in testing the predecessor to the global commercial Internet that we all use today -- was being used to send e-mail for a company called MediaBreakaway. That company's chief executive is Scott Richter -- a self-avowed "spam king" who has been sued by a number of the Internet's biggest players -- including Microsoft and Myspace -- for sending spam.

When I was first presented with this information, I put the relevant questions to the American Registry for Internet Numbers (ARIN) -- one of five regional Internet registries worldwide that is responsible for allocating IP addresses. At the time, the ARIN people were very interested in the information I was reporting, but very reluctant to comment about it.

It seems ARIN is still shy. In a posting on Monday to the North American Network Operators Group (NANOG) -- a mailing list frequented mostly by geeks who run ISPs -- ARIN's current chairman left this nugget:

Media Breakaway and ARIN have cooperatively reached an agreement whereby Media Breakaway will be returning to ARIN the legacy address space 134.17.0.0/16 originally issued to San Francisco (SF) Bay Packet Radio.

Media Breakaway will be returning this space upon completion of renumbering to a new IPv4 allocation made based on their qualification under existing policy. ARIN is grateful for
Media Breakaway's cooperation in this matter.

Regards,
/John

John Curran
Chairman, ARIN Board of Trustees

Reached by cell phone shortly after his posting, Curran was reluctant to go into much more detail about the agreement, saying that nearly all of ARIN's dealings with any of its members are conducted under binding non-disclosure agreements on both parties.

"But as this was an event that generated earlier public communications, we felt it was important to at least get back to the community to the extent we could," Curran said of his cryptic posting on NANOG. "In keeping with ARIN's policies for Internet resource allocation, we're able to provide Media Breakaway with an allocation that meets our policies and achieves the return of the addresses that were listed in the message on that forum."

When asked to give an example of just what such a re-allocation might entail, Curran again said he couldn't discuss specifics of the Media Breakaway issue, but referred to a generic case in which a network provider was assigned a block of IP addresses that was "not appropriately sized."

"We have existing policies that...if you happen to have a large block which isn't appropriately sized, we're very happy to give you one that is instead."

My translation: ARIN took back the addresses, while allowing Media Breakaway to assume a somewhat smaller and separate block of IP space elsewhere on the Internet.

I pinged Richter's dad Steven, a clever attorney who is President of Media Breakaway, but have not heard back from him.

Anyway, it's nice to know that ARIN is so on top of this whole impending IP address shortage thing, which, according to at least one accounting, leaves us with about 1,200 days before we run out of unused IP addresses. Meanwhile, there are Fortune 100 companies which still own ginormous chunks of Internet address blocks (many times the size of that allegedly swiped by Media Breakaway) that haven't used but a tiny fraction of that space.

Curran wouldn't tell me when this IP space would be taken away from Media Breakaway. Instead, he referred me to ARIN's number resource policy manual, saying the timetables for "allocation and subsequent renumbering" of IP space are spelled out in that document. Perhaps one of our eagle-eyed readers can help me locate this reference within that document, because I sure couldn't find it.

By Brian Krebs  |  November 18, 2008; 12:14 PM ET
Categories:  Cyber Justice , Fraud , From the Bunker , Web Fraud 2.0  
Save & Share:  Send E-mail   Facebook   Twitter   Digg   Yahoo Buzz   Del.icio.us   StumbleUpon   Technorati   Google Buzz   Previous: Critical Security Updates for Firefox, Safari
Next: So Much Spam From One Place?

Comments

I like to pass along things that work, in hopes that good ideas make their way back to me. As CIO, I'm always looking for ways to help my business and IT teams. Check your local library: A book that is required reading is I.T. WARS: Managing the Business-Technology Weave in the New Millennium.
It has a great chapter on Content Management and its implementation. That chapter is great if you’re struggling with your organization’s definition of CM – particularly if Business is having a difficult grasp of it – and the chapter helps any organization to the proper understanding and sizing of it for best return on investment. It even uses CM vendor and product selection as a repurposable model for selection of solutions partners and products for other areas of IT/Business.

The author, David Scott, has an interview here that is a great exposure: http://businessforum.com/DScott_02.html

The book came to us as a tip from an intern who attended a course at University of Wisconsin, where the book is an MBA text. In the realm of risk, unmanaged possibilities become probabilities – read the book BEFORE you suffer a bad outcome through poor content management, or lack of a CM system.

Posted by: johnfranks999 | November 19, 2008 12:14 PM | Report abuse

The comment above is especially ironic since the probable poster, David Scott, has posted and re-posted varying versions of the same self-promotional "edutisement" to no fewer than 3 IT lists I subscribe to. It's worth publishing here an email he sent after one such incident (and subsequent complaints regarding his behavior):

-----Original Message-----
From: David Scott [mailto:david-scott@david-scott.net]
Sent: Wednesday, July XX, 2008 X:XX PM
To: XXXX
Subject: RE: [Dataloss] University of MD mails 24000 SSN on front of envelope

Thomas Faulhaber is well-credentialed, and his professional profile is readily available on the site.

My book is self published, as are many fine books, and became an MBA-text at the University of Wisconsin, and is stocked in their bookstore. It's also in use at many other companies. I've also appeared on television in the DC market (where I lived before the book allowed me to retire from the "9 to 5"), and have done book signings - the last of which landed me a lucrative consulting role at DUSA-BT (Google it if you like), and I continue to
consult.

Oh, by the way - by self publishing, I retain almost $10 per book sold as my royalty. Major publishing pays about 2% of cover - maybe a buck or two per copy. But - why would you be interested? You seem mired in convention.

I'm not interested in flames. You either got something of value by your visit to The Business Forum and your awareness of me (and my business/technology ideas) - or you didn't.

While I'm self-promoting and making nice money (and paid off my house!), you look like you're working for someone else, and probably plugging away at a job. I hope you like it. In fact, I hope you love it as much as what I do now. Never begrudge someone their success.

Posted by: wrytous | November 20, 2008 5:51 PM | Report abuse

The comments to this entry are closed.

 
 
RSS Feed
Subscribe to The Post

© 2010 The Washington Post Company