- Why would anybody steal a pre-existing, already-registered IP address block? Simple: it is a great way to get access to these addresses for spamming purposes.
- Feel free to pass these around
How did it happen?
The Internet address space that is involved in the case described here – possible network identity theft – deals with IP addresses issued to San Francisco Bay Packet Radio, an organization that was involved way back in the 1970s in testing ARPANET.
San Francisco Bay Packet Radio was given the rights to do whatever it wanted with any numeric Internet addresses that begin with 134.17 – an allocation that is known in the industry as a “slash 16” or “/16.” This space accommodates 65,536 unique Internet addresses.
Who is behind it?
The company ‘using’ the above orphaned Internet address space is Media Breakaway.
Media Breakaway is an online marketing company. It lists as its president an attorney named Steven Richter. He is the father of Scott Richter, a well-known e-mail marketer who has been sued by Microsoft, MySpace and former New York Attorney General Eliot Spitzer, for sending spam.
The MySpace case got squashed.
In 2005, Scott Richter, Media Breakaway’s CEO, agreed to pay $7 million in damages to Microsoft.
What Media Breakaway offers you today is online marketing. The information provided on the web page about its services (see above image) is rather vague. Nevertheless, some people feel it might be one of the world’s biggest spammer outfits.
It manages e-mail address lists by routing traffic using the Internet addresses previously owned by the original San Francisco Bay Packet Radio entity through servers controlled by a San Diego based e-mail marketing company called JKS Media LLC. 
The company explains its services rather vaguely on its web site. According to Michael Krebs “… Steve Richter confirmed that JKS Media also is owned by Media Breakaway….”
Who has done all this research and what can be done about these addresses?
Roland Guilmette has released Chapter 2 of his online book about spamming. The chapter, entitled “Chapter 2: Denver By The Bay,” documents these matters in great detail. It makes for fascinating reading.
If spammers or other people can take over such IP addresses, how many more might be in use by someone other than the party in whose name they are registered?
What is hard to understand is why the American Registry for Internet Numbers (ARIN) has not stepped in so far.
Unfortunately, the ‘stolen’ addresses are part of what is called legacy address space. The latter has to do with the way the IP address numbers were assigned.
Before the American Registry for Internet Numbers (ARIN) was set up, address space was assigned by Jon Postel and IANA.
At the time, these IP address assignments were open-ended. Accordingly, unless the assignee gives the rights back to ARIN (or another registrar), ARIN has no rights over the address blocks. This makes the legacy space very similar to the “Kings Grant” land in New England.
Hence, until this kind of network identity theft can be stopped by revoking these legacy type addresses, spammers do have the IP addresses needed to mail out tons of stuff right under our nose.
What does the U.S. intend to do about this? Care to comment below?
Fortunately, there are no such issues with the IPv6 address space.
Tidbit
Given recent discussions on NANOG and similar lists about the possible exhaustion of IPv4 space, how many network blocks are unaccounted for, disused, or controlled by someone other than their putative owners?
Apparently in 2006, 163 million addresses were given out, 196 million in 2007.
Suppose we use up about 235 million addresses this year: we are at 73 million in early May, which puts us on track for 219 million. So some people on the NANOG list estimate that we might be out of addresses within 1000 – 1200 days. This would leave us a million addresses per day to hand out. This calculation assumes that we experience a 20% annual increase in address use.
What do you think about this problem? Please leave a comment.
