They have the skills and the ability to stop it but the people who report the traffic represent 0% of their revenue so they could care less. It’s the same actors every single day. Microsoft, Amazon, Google, Phychz Networks, Digital Ocean, etc. that spew garbage from their networks. For a while we would send abuse reports because management felt it would do nothing even though we told them it wouldn’t. Out all of the reports sent I only ever saw one response that wasn’t a canned response and it was from Microsoft that basically said “Yea, we know it’s an issue but they pay us and you don’t so block it yourself”.
Of course it it’s your customer that’s sending them crap traffic they will go nuclear if you don’t remove the offending traffic in .1337 seconds. -richey From: Mike Hammett <na...@ics-il.net> Date: Monday, February 28, 2022 at 10:43 AM To: richey goldberg <richey.goldb...@gmail.com> Cc: North American Network Operators Group <nanog@nanog.org> Subject: Re: Russian aligned ASNs? So the providers most likely to have the skills and capabilities to automate abuse mitigation are the least likely to do anything about it, even when asked? </sarcasm> ----- Mike Hammett Intelligent Computing Solutions<http://www.ics-il.com/> [http://www.ics-il.com/images/fbicon.png]<https://www.facebook.com/ICSIL>[http://www.ics-il.com/images/googleicon.png]<https://plus.google.com/+IntelligentComputingSolutionsDeKalb>[http://www.ics-il.com/images/linkedinicon.png]<https://www.linkedin.com/company/intelligent-computing-solutions>[http://www.ics-il.com/images/twittericon.png]<https://twitter.com/ICSIL> Midwest Internet Exchange<http://www.midwest-ix.com/> [http://www.ics-il.com/images/fbicon.png]<https://www.facebook.com/mdwestix>[http://www.ics-il.com/images/linkedinicon.png]<https://www.linkedin.com/company/midwest-internet-exchange>[http://www.ics-il.com/images/twittericon.png]<https://twitter.com/mdwestix> The Brothers WISP<http://www.thebrotherswisp.com/> [http://www.ics-il.com/images/fbicon.png]<https://www.facebook.com/thebrotherswisp>[http://www.ics-il.com/images/youtubeicon.png]<https://www.youtube.com/channel/UCXSdfxQv7SpoRQYNyLwntZg> ________________________________ From: "richey goldberg" <richey.goldb...@gmail.com> To: "North American Network Operators Group" <nanog@nanog.org> Sent: Thursday, February 24, 2022 9:16:13 PM Subject: Re: Russian aligned ASNs? I don’t think that refusing Russian ASNs will do much to stop any kind of attacks. They are going to attack from botnets that are global so that’s not going to stop them. If anything blocking Russian ASNs will stop the flow of information going into Russia. I think we’re better off doing what we can to take down any machines that are participating in attacks if they live on machines that are downstream from you. One of the biggest issues I face in my daily tasks is getting other provers to take down machines. I’m talking to you Microsoft, Amazon, Digital Ocean and the likes….. -richey From: NANOG <nanog-bounces+richey.goldberg=gmail....@nanog.org> on behalf of William Allen Simpson <william.allen.simp...@gmail.com> Date: Thursday, February 24, 2022 at 7:41 PM To: North American Network Operators Group <nanog@nanog.org> Subject: Russian aligned ASNs? There have been reports of DDoS and new targeted malware attacks. There were questions in the media about cutting off the Internet. Apparently some Russian government sites have already cut themselves off, presumably to avoid counterattacks. Would it improve Internet health to refuse Russian ASN announcements? What is our community doing to assist Ukraine against these attacks?
