[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

23,000 IP addresses

Subject: 23,000 IP addresses
From: morrowc.lists at gmail.com (Christopher Morrow)
Date: Tue, 10 May 2011 10:22:03 -0400
In-reply-to: <[email protected]>
References: <[email protected]> <[email protected]> <[email protected]> <[email protected]>

On Tue, May 10, 2011 at 10:15 AM, Scott Brim <scott.brim at gmail.com> wrote:
> On Tue, May 10, 2011 at 09:42, Leigh Porter
> <leigh.porter at ukbroadband.com> wrote:
>> So are they basing this on you downloading it or on making it available for others?
>
> Without knowing the details, I wouldn't assume any such level of
> competence or integrity. ?It could just be a broad witch hunt.

I know of a decent sized global ISP that ran (runs?) a large darknet
that was the equivalent of a few /16's routed to a fbsd host running
'tcpdump' (a tad more complex, but essentially this). BayTSP (one of
the 'make legal threats for the mpaa/riaa' firms) sent ~2k notes to
the ISP about downloaders on these ips.

Looking at netflow data (sample 1:1 on that interface) they had
portscanned (from ip space registered in their name) each address in
the range and sent subpoena-material to all ips that they thought they
got a response from.

At least baytsp got theirs? (money I mean)

Follow-Ups:
- 23,000 IP addresses
  - From: nenolod at systeminplace.net (William Pitcock)

References:
- 23,000 IP addresses
  - From: tme at multicasttech.com (Marshall Eubanks)
- 23,000 IP addresses
  - From: jlewis at lewis.org (Jon Lewis)
- 23,000 IP addresses
  - From: leigh.porter at ukbroadband.com (Leigh Porter)
- 23,000 IP addresses
  - From: scott.brim at gmail.com (Scott Brim)

Prev by Date: 23,000 IP addresses
Next by Date: L3 ECMP over links with different RTT
Previous by thread: 23,000 IP addresses
Next by thread: 23,000 IP addresses
Index(es):
- Date
- Thread