Slashdot Mirror

← Back to Stories (view on slashdot.org)

Scam-Linked ISP Intercage / Atrivo Gets Shut Out

Posted by timothy on from the don't-let-the-door-hit-you-on-the-way-out dept.

alphadogg writes with this excerpt from Network World: "The lifeline linking notorious service provider Intercage to the rest of the Internet has been severed. Intercage, which has also done business under the name Atrivo, was knocked offline late Saturday night when the last upstream provider connecting it to the Internet's backbone, Pacific Internet Exchange, terminated Intercage's service. Intercage president Emil Kacperski said Pacific did not tell him why his company had been knocked offline, but he believes it was in response to pressure from Spamhaus, a volunteer-run antispam group, which has been highly critical of Intercage's business practices."

32 of 102 comments (clear)

  1. So, a drop of spam-traffic? by mi · · Score: 3, Insightful

    For a couple of hours?

    --
    In Soviet Washington the swamp drains you.
    1. Re:So, a drop of spam-traffic? by gnick · · Score: 4, Informative

      Yup. The end of TFA was the painful (albeit obvious) part:

      Kacperski said Monday he was looking for a new service provider, but that he had no idea how long it will take him to get back online.

      "I've got to basically start all over," he said.

      Ugh. And the sad part is that, while he's scrambling to rebuild his "business", other people will be scrambling to fill in the void.

      --
      He's getting rather old, but he's a good mouse.
    2. Re:So, a drop of spam-traffic? by BPPG · · Score: 5, Funny

      I for one welcome this chance for other spam vendors to engage in a little competition. It will be a wholly new playing field if/when Intercage re-emerges online, after previously holding a dominant position. Hopefully the free-market nature of Internet business will only encourage the production of more quality spam. The recipients of spam can only benefit from this new development.

      --
      What's the value of information that you don't know?
    3. Re:So, a drop of spam-traffic? by Anonymous Coward · · Score: 3, Funny

      Maybe he could apply for a government bailout. After all, spam does account for a significant portion of our economy

    4. Re:So, a drop of spam-traffic? by osu-neko · · Score: 3, Funny

      Still though one wonders how someone can be running an ISP with 78% hostile traffic and not realize something is up.

      If there's a steady paycheck in it, I'll believe anything you say. ;)

      --
      "Convictions are more dangerous enemies of truth than lies."
    5. Re:So, a drop of spam-traffic? by Anonymous Coward · · Score: 5, Informative

      For a couple of hours?

      For a day. They found a new upstream now, though, Unitedlayer, Inc., who obviously didn't pay any attention to the news (or just decided to ignore it):

      http://cidr-report.org/cgi-bin/as-report?as=AS27595

                  27595 INTERCAGE - InterCage, Inc.

                      Adjacency: 1 Upstream: 1 Downstream: 0
                      Upstream Adjacent AS list
                          AS23342 UNITEDLAYER - Unitedlayer, Inc.

    6. Re:So, a drop of spam-traffic? by Anonymous Coward · · Score: 4, Funny

      Yea, don't give them any ideas!

      Next thing you know `traceroute intercage.com` will look something like this:
      traceroute to intercage.com (128.102.0.99), 64 hops max, 40 byte packets
      ...
      12 TKC-COMMUNI.hsa4.SanJose1.Level3.net (209.245.146.6) 36.243 ms 36.086 ms 36.397 ms
      13 n254-border-rtr-nisn-sip.arc.nasa.gov (198.123.41.9) 36.087 ms 36.086 ms 36.403 ms
      14 intercage.com (128.102.0.99) 36.432 ms 36.231 ms 36.891 ms

  2. That's why! by courteaudotbiz · · Score: 2, Funny

    I was thinking to myself "God! My EMail account must be in problem, I didn't receive any spam since the weekend", then I got this really great offer, a guy who is going to give me 20% of 5 million US dollars to help him recover a lost bank account. Well that's perfect, I'm the one who's finally gonna be rich!

    1. Re:That's why! by bonehead · · Score: 2, Funny

      That's awesome! Just imagine all the penis enlargement pills you'll be able to order now!

    2. Re:That's why! by oldspewey · · Score: 3, Informative

      You're just going to go right ahead and buy penis enlargement pills with the money? You're not going to parlay it into something bigger first? I got an email just this morning informing me that SuperRoyalCasinoOnline.com is offering a 200% bonus on all deposits. That means you can buy three times more penis pills, with the potential for even bigger winnings.

      --
      If libertarians are so opposed to effective government, why don't they all move to Somalia?
    3. Re:That's why! by indifferent+children · · Score: 5, Funny
      I got an email just this morning informing me that SuperRoyalCasinoOnline.com is offering a 200% bonus on all deposits.

      That's nothing. I got an offer this morning of $700B, with little oversight and no accountability. All I have to do is prove that I recklessly lost hundreds of billions of investor capital.

      --
      Censorship is telling a man he can't have a steak just because a baby can't chew it. --Mark Twain
    4. Re:That's why! by azav · · Score: 4, Funny

      Nigerian Mortgage Enlargement Pills.

      --
      - Zav - Imagine a Beowulf cluster of insensitive clods...
    5. Re:That's why! by spun · · Score: 2, Funny

      Look, you commie, if we don't pay our CEOs hundreds of millions of dollars, how can we be assured that we're getting the best? Do you know how long it might have taken to rape you all for hundreds of billions of dollars and then stick you with the bill for the rape exam kit if we had to make do with substandard CEOs?

      --
      - None can love freedom heartily, but good men; the rest love not freedom, but license. -- John Milton
    6. Re:That's why! by Culture20 · · Score: 2, Funny

      Further proof that Communism is more efficient. It took the U.S. Government two centuries to do what the Soviets did to Czarist Russia in just months. /kidding
      In Soviet Russia ________

    7. Re:That's why! by frosty_tsm · · Score: 4, Insightful

      In Soviet Russia ________

      The economy bails you out?

  3. Re:Severs them right! by Anonymous+Codger · · Score: 4, Funny

    Nice typo in the title - very appropriate slip.

    --
    No sig? Sigh...
  4. Spamhaus, really? by ThanatosMinor · · Score: 2, Interesting

    I thought they were pretty much a passive organization that just lists domains and companies that are either irresponsible or actively take part in spam- or malware-related activity. It feels a little disingenuous to claim that they pressured a provider to drop a client.

    1. Re:Spamhaus, really? by Zerth · · Score: 3, Insightful

      While they don't do anything active, threatening to add you to their list for being the upstream of someone on their list is a little like saying "hey, nice knees. Shame if something happened to them". Enough people use Spamhaus, directly or indirectly, that being on their list can be equivalent to actively blocking them. It's not exactly a Usenet Death Penalty, but it'll cramp your style.

    2. Re:Spamhaus, really? by xrayspx · · Score: 2, Informative

      They list netblocks in a blacklist that other people use to filter, and if an ISP doesn't deal with the issue with that one block, Spamhaus will threaten to expand beyond the block of the individual offender, which might be like a /27, and blacklist the ISP's block, which might be a /18 or something.

      If a whole ISP is seen as a habitual offender and providing safe haven to unrepentant spammers, then SpamHaus will work their way upstream.

      --
      I like music
    3. Re:Spamhaus, really? by AnotherBlackHat · · Score: 2, Insightful

      Spamhaus, and most of the other anti-spam lists, are essentially boycott organizers.

      They may not do much personally, but they are advocates for action.

      -- Should you believe authority without question?

  5. beside spam by ionix5891 · · Score: 2, Informative

    they used to host quite alot of warez, and their whole range is blocked on wikipedia...

  6. Easy fix for them by $RANDOMLUSER · · Score: 2, Funny

    I'm sure if they ask real nice on the news.admin.net-abuse.email and news.admin.net-abuse.sightings newsfroups, they'll be reconnected in no time :D

    --
    No folly is more costly than the folly of intolerant idealism. - Winston Churchill
  7. Some truth to it... by SanityInAnarchy · · Score: 3, Interesting

    That's a good point, but when companies like AOL use Spamhaus, it means a huge number of email accounts are going to drop mail from anything in that list immediately.

    So while Spamhaus does "passively" list people there, let's not fool ourselves -- when they update that list, they cause people to be blocked. If an entire ISP is blocked from communicating with most email accounts out there, then that ISP is going to feel the pressure.

    --
    Don't thank God, thank a doctor!
    1. Re:Some truth to it... by geohump · · Score: 4, Interesting

      Spamhaus was not the central issue or cause of the disconnection. If you read the article, you will see that there was a paper that was researched and published with regard to Intercage/Atrivo activities. The fact that I/A ended up on Spamhaus was simply a reflection of their activities. Not the cause of their disconnection. The network operators who each independently made a decision to not accomodate I/A traffic did so based on the merits of their own knowledge, some of which came from that paper and the rest of which came from their own experiences, and a tiny bit coming from spamhaus which, as noted elsewhere in this thread has a reputation of its own. (good and/or bad. )

  8. Emil Does know why they were disconnected. by geohump · · Score: 3, Informative

    Email discussion about this modern version/equivalent of the "Internet Death penalty" (IDP) has been ongoing in the email list for network operators for the past several days. One side's consensus in this case seems to be "Intercage/Atrivo" has been a problem for years, has never adequately responded to abuse complaints, and is responding with a protestation of innocence that has all the credibility of 'The check is in the mail", "I'll only put it in an inch", and "of course I love you".

    There is the other side of the story with protestations of innocence. Unfortunately those cries are exactly what any party, guilty or innocent, would make. How to tell the difference?

    And what next?

    Will more ISP's/Hosters refuse to do business with "questionable" parties? Doesn't seem likely, but we can hope. Will the IDP be used on any other parties? Will there be damage to innocent parties? There are no easy answers or ready solutions for this issue.

    1. Re:Emil Does know why they were disconnected. by cpghost · · Score: 4, Informative

      Will more ISP's/Hosters refuse to do business with "questionable" parties?

      Some parties are always considered questionable, e.g. when they actively disrupt the Net. Those parties have always been cut-off, even in the pre-IP times: a misbehaving USENET host was quickly blacklisted and it had a very hard time to find peers. This is "technical questionability".

      Other parties are sometimes considered questionable, e.g. when they provide content that is deemed questionable in some areas and cultures (say, e.g. pr0n). This is "social/cultural questionability".

      Cutting someone off because of technical reasons is absolutely justifiable, because not cutting him off would disrupt the system itself. Cutting someone off because of social/cultural reasons is not necessary from a technical point of view, and is open to political debate.

      Now, Net Neutrality is essentially a political (and economical) debate, and has nothing to do with the first category (technical constraints). Cutting off Intercage/Atrivo seems to me like belonging to the first category: they were actively disrupting the Net on the technical level, and they had to go. IMHO.

      --
      cpghost at Cordula's Web.
    2. Re:Emil Does know why they were disconnected. by Anonymous Coward · · Score: 2, Interesting

      There is the other side of the story with protestations of innocence. Unfortunately those cries are exactly what any party, guilty or innocent, would make. How to tell the difference?

      Well, there's the 10+ years of evidence of lots of spam and viruses originating from there, spammers continuing to operate after multiple abuse reports were sent in, spammers operating from different IPs in the same range after the owner said he disconnected them, and very little evidence of any legitimate traffic from the same place. If this is the place I'm thinking of, it has no known customers, no public advertising presence, and has had a blank website for two years, yet they send out a lot of traffic and seem to make a lot of money.

      It used to be that if anybody was caught sending any spam or virus traffic, you shut them down until their traffic was clean. What Pacific is doing to Intercage is far from extraordinary. It was standard practice in the mid-1990s before spammers started bribing the big telcos to give them safe connections. It is still supposed to be standard practice, but money corrupts.

      captcha: villain

  9. How is this different from net-neutrality? by Em+Ellel · · Score: 4, Insightful

    Ok, for the record I am happy they are offline, but the devil's advocate in me does make me wonder about impact of this on net-neutrality.

    Consider this, a bandwidth provider cuts off certain traffic because it disproves of this traffic and feels most of it is illegal and it is bad for their business.

    Is it Pacific Internet Exchange cutting off access to Intercage because they believe most of the sites (70+ %) involves spam or some other illegal acvitivy?

    Or is it Comcast cutting off access to P2P protocols because they believe most of it (98+ %) involves copyright infringement or some other illegal activity?

    I am all for getting rid of the spam and malware, but something about this method is setting off red flags.

    Or maybe I am over-thinking it.

    --
    RelevantElephants: A Somatic WebComic...
    1. Re:How is this different from net-neutrality? by frosty_tsm · · Score: 2, Interesting

      Differences:

      Comcast does it secretly, Pacific did it publicly (or at least, obviously).
      Comcast targets a lot of individuals, Pacific cut off a provider who couldn't / wouldn't police their network.
      Comcast has the public's hate. Pacific is seen as doing the public a favor.

      Not saying these are valid reasons, but they are reasons to contemplate. There are probably more that I didn't think of.

  10. Re:It's a slippery slope... by eli867 · · Score: 3, Informative

    Uh, authentication isn't the problem. The bad guys are running the mail server, not hacking into it.

  11. this was long coming by ionix5891 · · Score: 4, Insightful

    A bit over a week ago Brian Krebs, who writes the "Security Fix" blog in the Washington Post, went public with a number of allegations about Atrivo and its activities. As a result, many of Atrivo's own upstream connectivity providers disconnected them.

  12. Re:That's not really fair by isdnip · · Score: 2, Insightful

    It worked the way it was supposed to! This is one reason why some misguided "neutrality" proposals fail -- they would prohibit blocking spammers.

    The whole idea is that you're not allowed to host spammers or malware. If you do, your ISP is kicked off. If some ISP provides you with upstream, they are kicked off. Anybody who hosts spammers directly or indirectly is kicked off, taking their customers with it. Not nice to customers, but customers should not sign up with spam-friendly ISPs.

    Free market law of the jungle, maybe, but the only way to prevent "pink contracts" from spreading.