27 December 2019
Rusia now runs alt root servers, weans itself away from ICANN servers. Invites the world to play.
A friend in Russia said this:
"the Russian root servers, 3 of them for now ( Moscow, Ekaterinburg and Saint Petersburg), are managed by a Russian replica of ICANN. It's called RIPN.
In reality, it's about how much trust anyone places in ICANN and those with back door to 13 root servers vs Russian replica of ICANN and trust one places in Russians. The main thing is Russians can be assured they can't be cut off completely."
13You and 12 others
Theo DevelegasNo updates in 10 years: http://www.ripn.net/press/en/
Richard SextonAuthor Maybe they're busy doing actual work. There was a live test on Monday. Thanks for the pointer.
Theo Develegas Apparently they had an "oops" moment last year: https://securitytrails.com/blog/russian-tlds
SecurityTrails | Wrong Bind Configuration Exposes the Complete List of Russian TLD's to the Internet
Rubens KuhlThe hard part is making in-addr.arpa and ip6.arpa entries.
Richard Sexton Author Nobody cares about V6 so there's half the problem solved.
One step at a time.
Theo DevelegasThis group needs to move from Pyongyang, Korea to Yekaterinburg, Mother Russia.
Andrei KolesnikovAlt servers being there for many years.
Richard SextonAuthor What are their addresses?
Andrei Kolesnikov Richard Sexton KGB secret
Carlos Marcelo Martinez-CagnazzoWhat is that you like so much about this Richard ?
Richard Sexton Author Do you know the Geoff Goodfellow story about the SRI-NIC, Carlos?
Carlos Marcelo Martinez-Cagnazzo Richard Sexton no idea
Lutz DonnerhackeWhat's the problem? Running a Slave ist pretty easy and DNSSEC ensures no compromise of answers.
George T BundySo how’s that “One World, One Internet” working out for you now?
Dušan StojičevićRussia is hot in the middle of the winter. Here are the prices of IPv4 addresses on the Russian black market - https://belsat.eu/en/news/runet-founder-under-house-arrest/
Runet founder under house arrest
Allison NixonMost of the abuse is coming from Russia. Do they think anyone will buy the notion that Russian run servers will be abuse resistent? Anyone foolish to believe that should leave the regular internet and go join the RUnet, post haste
Andrei Kolesnikov Allison Nixon we suffer unbearable damn it
Vartan Khachaturov Allison Nixon any proofs for the "most of the abuse"?
Allison Nixon *waves hands generally at literally everything coming out of the Russian internet directed at america*
Barry SheinThe claim seems vague, most of the abuse comes from hosts geographically in Russia? Or do you know this is being done by citizens of Russia?
I've long had a theory that a lot of abuse arises from countries which don't normally use the Latin-1 (whatever, ASCII basically) alphabet because the documentation for their systems (and blogs, help forums, etc) are inaccessible to them so the systems are set up poorly and rarely patched when vulnerabilities become known.
So if I were looking for systems to abuse from, and had some known security flaws in hand, I think I'd do my fishing in non-Latin-1 pools.
And, even better, people will probably blame it on the geo-location of the source.
I haven't done this but for example take a known root vulnerability and search for help with it in Russian or Chinese and see what turns up vs searching in English.
Johna Till Johnson Barry Shein That theory makes sense to me. And explains the Russian paranoia (which isn't, under your theory, exactly paranoia--even paranoids have enemies)
Allison Nixon Your theory is ridiculous
I'm not going to waste my time educating yall on the state of online cybercrime and how the Russian gov works hand in hand with carders and spammers lmao.
Barry SheinThere appears to be some disagreement on this point.
One would need numbers to sort this out, not mere proof of existence.
I suspect there's truth in both characterizations, yes there appear to be Russian spam gangs and yes spammers et al world wide fish in non-ASCII waters for botnet and other source candidates.
These observations are hardly mutually exclusive.
Harald Tveit AlvestrandAs long as they serve the same root zone, these servers are Hyper-Local instances, and part of a trend that ICANN is encouraging. https://tools.ietf.org/html/rfc7706 is the localhost-only version.
RFC 7706 - Decreasing Access Time to Root Servers by Running One on Loopback
Richard SextonAuthor "as long as" being the key phrase of course. As long as Russia buys into the corrupt Clinton era ICANN model things won't change.
I'm sure you have nothing to worry about.
Rubens Kuhl As long as Russia trade interests are best served by joining the global Internet root, they will stay.
Dušan Stojičević"As long as"? https://www.bbc.com/news/technology-50902496
Russia 'successfully tests' its unplugged internet
Barry SheinI unplugged my internet connection and it worked *exactly* as I expected. I'll call that a successful test.
Dušan Stojičević Barry Shein sure, sure... The same BA was for US elections, and we are where we are... ;)
Nadira AL-Araj RIP N