Become a fan of Slashdot on Facebook

 


Forgot your password?
Close
typodupeerror
×
The Internet Security

After Links To Cybercrime, Latvian ISP Cut Off 116

Posted by timothy from the people-interpret-jerks-as-damage-and-route-around-them dept.
alphadogg writes with this Network World story, excerpting "A Latvian ISP linked to online criminal activity has been cut off from the Internet, following complaints from Internet security researchers. Real Host, based in Riga, Latvia was thought to control command-and-control servers for infected botnet PCs, and had been linked to phishing sites, Web sites that launched attack code at visitors and were also home to malicious 'rogue' antivirus products, according to a researcher using the pseudonym Jart Armin, who works on the Hostexploit.com Web site. 'This is maybe one of the top European centers of crap,' he said in an e-mail interview. 'It was a cesspool of criminal activity,' said Paul Ferguson, a researcher with Trend Micro."
This discussion has been archived. No new comments can be posted.

After Links To Cybercrime, Latvian ISP Cut Off More

After Links To Cybercrime, Latvian ISP Cut Off

Comments Filter:

  • Re:They'll move elsewhere (Score:5, Informative)

    by Zocalo ( 252965 ) on Thursday August 06, 2009 @05:21AM (#28969463) Homepage
    Probably not. The ISP in question, Real Host, appears to have only had a single upstream to the Internet via the Scandinavia ISP TeliaSonera and it was TeliaSonera being threatened with sanctions if they continued to provide connectivity to Real Host that resulted in the disconnection. Chances are that the operators behind Real Host (there is evidence to suggest at least some are ex-RBN staffers) are looking for other ISPs to provide them connectivity at this moment and Real Host with be coming to an Internet Sewer near you Real Soon.

  • Re:Censorship (Score:1, Informative)

    by Anonymous Coward on Thursday August 06, 2009 @05:22AM (#28969467)

    This has nothing to do with net neutrality anyway.

  • Re:They'll move elsewhere (Score:5, Informative)

    by AigariusDebian ( 721386 ) <aigarius@ d e b i a n . org> on Thursday August 06, 2009 @06:14AM (#28969701) Homepage

    That is not net neutrality.

    If you connect to the Internet you are an equal peer on it - you can receive and send data. You have the right to set up services just like bbc.co.uk can. If your ISP cuts you connection without a court order (a court that has jurisdiction over you), then it is a violation of net neutrality.

    Traffic shaping based on the destination (or source) of the traffic is also a violation of net neutrality, traffic shaping to prioritize some protocols over others is not (unless a phone company reduces the priority of all VoIP traffic to zero).

  • Re:They'll move elsewhere (Score:5, Informative)

    by mikael_j ( 106439 ) on Thursday August 06, 2009 @06:41AM (#28969835)

    Actually, what happened was that Real Host was getting its connection from Junik which in turn gets its upstream from TeliaSonera and TeliaSonera pressured Junik into cutting off Real Host.

    /Mikael

  • Re:They'll move elsewhere (Score:4, Informative)

    by Zocalo ( 252965 ) on Thursday August 06, 2009 @07:34AM (#28970059) Homepage
    Yep, my mistake. TeliaSonera was threatening Junik with sanctions if they didn't cut Real Host off. That's what happens when you go from memories of a late night... There's some more background info on the Zeus trojan that Real Host was running the C&C servers for, including a rather incriminating AS map, over at HostExploit [hostexploit.com]. Given the nature of the last couple of hops and liklihood of some RBN involvement, I'm actually inclined to believe that Junik is either a front or is seriously in someone's pocket...

  • Re:Throw the baby out with the bathwater (Score:3, Informative)

    by dkf ( 304284 ) <donal.k.fellows@manchester.ac.uk> on Thursday August 06, 2009 @08:30AM (#28970461) Homepage

    A real problem here is that if upstream providers do this sort of thing, there is no limit to their power. We're not talking about any court action, any due process or any other legal nicity. We are talking about vigilante action and mob rule.

    You agreed to abide by your ISP's AUP when you signed up for their service. I know this because I'm damn sure that it's a condition of the service agreement, and I'm sure that any court would view that as a reasonable and proportionate thing to impose. Yes, there is collusion between ISPs on this; no legit ISP wants anything to do with the likes of the scum behind the RBN...

  • Real Host is not an ISP (Score:4, Informative)

    by ACS Solver ( 1068112 ) on Thursday August 06, 2009 @08:42AM (#28970585)
    The summary is quite wrong, though I do not blame the submitter. All English and Russian language sources that I can find state that supposedly Real Host, an ISP, got cut off. That is not actually so.

    Real Host is some company that is running fraudulent operations and other crap, making use of the Zeus botnet. Real Host rented servers from Junik, which is an ISP. They're a small ISP connected upstream via the Latvian branch of Telia. And the story now is that Junik cut off Real Host's access and revoked the servers they rented. Real Storm itself doesn't appear to be linked to Latvia in any real way. They use an address in Kazakhstan as the legal address from where the IP blocks are leased, the botnet itself is being linked to a Russian group of hackers. And they chose Latvian servers to rent, which doesn't make them a Latvia-based group.

Slashdot Top Deals

Old programmers never die, they just hit account block limit.

Close