Slashdot is powered by your submissions, so send in your scoop

 


Forgot your password?
Close
typodupeerror
×
Security IT

Profile of the Russian Business Network 180

Posted by kdawson from the where-the-bad-guys-are dept.
The Washington Post has an article detailing what is known of the workings of the Russian Business Network, a shadowy entity based in St. Petersburg that hosts a good fraction of the world's spammers, identity thieves, bot herders, and phishers. RBN is not incorporated anywhere and may not technically even be violating Russian law. It provides "bulletproof hosting" for about $600 a month to a wide range of bad guys.The author of the Post story, Brian Krebs, supplements it with two blog posts. One provides more detail and back story including a look at one ISP's security admin who decided last summer to ban all RBN traffic from his network, with outstanding results. The other post maps some of the RBN's upstream suppliers and details the extent of the RBN's involvement in recent cyber-attacks: "Nearly every major advancement in computer viruses or worms over the past two years has emanated from or sent stolen consumer data back to servers" in the RBN.
This discussion has been archived. No new comments can be posted.

Profile of the Russian Business Network More

Profile of the Russian Business Network

Comments Filter:

  • Post some ranges (Score:3, Interesting)

    by robogun ( 466062 ) on Saturday October 13, 2007 @10:21PM (#20970561)
    I wish the article had links to the ranges so we could block this stuff.

    Although I have to say over the last ~2 weeks it's been down quite a bit.

  • Just block Russia (Score:1, Interesting)

    by drgonzo59 ( 747139 ) on Saturday October 13, 2007 @10:42PM (#20970657)
    How many of us have to do business with Russian sites? So block the whole range of Russian IPs until the Russian government wants to do something about it. Same thing with Nigeria and so on. The amount of crap coming from these countries is dis-proportionally larger than the number of useful, legitimate sites located there. Until those countries figure out how to control their spammers and phishers, they'll just have to spam each other and steal each other's identities as much as they please, we have our own crap to take care of.

  • Service provides "shy away" from blocking nets... (Score:5, Interesting)

    by krycheq ( 836359 ) on Saturday October 13, 2007 @10:58PM (#20970725)
    From TFA:

    Danny McPherson, chief research officer at Arbor Networks, a Lexington, Mass.-based company that provides network security services to some of the world's largest Internet providers, said most providers shy away from blocking whole networks. Instead, they choose to temporarily block specific problem sites.

    "Who decides what the acceptable threshold is for stopping connectivity to an entire network? Also, if you're an AT&T or Verizon and you block access to a sizable portion of the Internet, it's very likely that some consumer rights advocacy group is going to come after you."

    First... who's saying anything about blocking "a sizable portion of the Internet"? We're talking about being able to identify bad-actors and doing something about it for a change. From some recent articles I've read, AT&T doesn't seem to have any problems blocking their users from accessing the Internet when they don't like what they're doing... they'll just drop you if they don't like you. Why do they have issues blocking real criminals from doing real criminal activities. Can anyone honestly say that these networks are hosting content that anyone legitimate would want to get to?

    If there are legit companies doing business with these guys, and maybe if the networks were blocked, or the providers refused to carry routes to those networks, they would "shy away from" doing business with the RBN. Or is that too much of a free-market approach to the problem... block the criminals, and if you're associated with them, you can't do business either. Hmmm...

    Second, as to who decides... the market decides! This is pretty cut-and-dry. If there's a company somewhere that specializes in hosting this crap, then shut it down! It will only benefit legitimate business. This is so easy... there isn't a free-speech or access issue here... nothing for anyone to get upset about. The cancer has been identified... cut it out of the body.

    The time for reactive measures is over. The article got one thing right... this problem has been allowed to grow and fester beyond the point where half-measures are going to work. $150 million is real money and it's time to take the ability for these goons to do this away from them.

  • Re:Just block Russia (Score:3, Interesting)

    by HexaByte ( 817350 ) on Sunday October 14, 2007 @12:10AM (#20971033)
    Actually, I'd like to see a program that re-routes all 419 scams to Russia, and all RBN traffic to Nigeria. Throw in a few of the other bad sites, too. Just let them all have a private interspammernet.

  • Re:I've been away (Score:4, Interesting)

    by superwiz ( 655733 ) on Sunday October 14, 2007 @02:50AM (#20971739) Journal
    I was thinking more of civil disobedience as preached by Thoreau in "Civil Disobedience". It is not necessary to practice civil disobedience as a statement. It can be practiced for the sole purpose of non-violently opposing the corrupt regime. To quote the Wikipedia entry, "Voting for justice is as ineffective as wishing for justice; what you need to do is to actually be just. This is not to say that you have an obligation to devote your life to fighting for justice, but you do have an obligation not to commit injustice and not to give injustice your practical support." As such, practicing civil disobedience anonymously is actually more effective because after not getting caught you get to practice it again.

Slashdot Top Deals

Ya'll hear about the geometer who went to the beach to catch some rays and became a tangent ?

Close