[funsec] Security Fix: Updates on Atrivo/Intercage

Matt Jonkman jonkman at jonkmans.com
Mon Sep 8 07:55:21 CDT 2008

Definitely (finally) a mark in the win column for the good guys!!!


Paul Ferguson wrote:
> Brian Krebs add some late updates to his "Security Fix" article
> from Friday 5 September 2008:
> [snip]
> Update, Sunday, Sept. 7, 8:02 p.m.: I spoke today with Randy Epstein,
> president of WVFiber and co-founder of Host.net, which acquired WVFiber
> just six weeks ago. Epstein said after reading reports from Security Fix,
> Hostexploit.com, Spamhaus.org and others about cyber crime activities at
> Atrivo, WVFiber has decided to drop Atrivo as a customer. WVFiber plans to
> stop providing upstream connectivity to Atrivo by Wednesday or Thursday at
> the latest, Epstein said. That would leave Atrivo with just a single
> upstream provider -- Bandcon.
> Update, Sunday, Sept. 7, 9:15 p.m.: nLayer Communications, a company that
> owns a significant slice of the Internet addresses used by
> Atrivo/Intercage, is demanding that Atrivo vacate the space and return the
> addresses by Sept 30.
> "Atrivo/Intercage has not been a direct customer of nLayer Communications
> since December 2007, but they still have some legacy reallocations from our
> IP space," wrote nLayer co-founder Richard A. Steenbergen, in an e-mail to
> Security Fix. "Since they are no longer a customer, we require that they
> return our non-portable IP space, and have given them a deadline of
> September 30th to do so. If the IP space is not returned by that point, we
> will follow standard procedure to reclaim it, including null routing the
> space, and sending cease and desist letters to any network who still
> transits it without our permission."
> According to Steenbergen, Atrivo/Intercage must return roughly 7,400 IP
> addresses. 
> [snip]
> Ref:
> http://voices.washingtonpost.com/securityfix/2008/09/scam-heavy_us_isp_grow
> s_more_i.html
> FYI,
> - ferg

"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 ferg's tech blog: http://fergdawg.blogspot.com/

Fun and Misc security discussion for OT posts.
Note: funsec is a public and open mailing list.

Matthew Jonkman
Emerging Threats
Phone 765-429-0398
Fax 312-264-0205

PGP: http://www.jonkmans.com/mattjonkman.asc

More information about the funsec mailing list