Recently I contacted RIPE NCC regarding Quasi Networks (AS29073) and their blatant disregard to abuse complaints. I have contacted Quasi Networks via the email addresses documented in the RIPE WHOIS database:
However to little surprise, I received no response or confirmation of my emails. The attacks from IP addresses managed by Quasi Networks continue at this very moment.
I also tried contacting the building they were located in, per the RIPE database WHOIS record:
Suite 1, Second Floor
Sound & Vision House, Francis Rachel Street
Victoria, Mahe, SEYCHELLES
However no one at Sound & Vision Pty Ltd. answered the phone or returned my email.
So it appears Quasi Networks has not received my messages due to invalid emails addresses provided or has chosen to ignore to them, both a violation of RIPE NCC policies.
I contacted the RIPE NCC Regulatory Review Team about this issue and spoke with Laurens Hoogendoorn, RIPE NCC IP resource analyst and discussed the following questions:
Me: Why does RIPE NCC require the burden of proof to fall to the victim of network abuse when the RIPE Database contains invalid or false information for an organization?
Laurens: At the moment that they become a member they sign an agreement in which they confirm that they will keep the contact details up-to-date. We consider contact details valid until proven otherwise and this is why we ask to provide evidence that contact details are invalid.
Me: Why does RIPE NCC not assist in the facilitation of communication between users and organizations in the RIPE Database when no response is received from the organization?
Laurens: As a membership association we implement and enforce policies that are made by the RIPE Community. We do have the mandate from the RIPE community to take action if contact details are proven to be invalid. We don’t have the mandate from the community to liaise between a party that reports abuse and the resource holder that is unresponsive.
Me: Does RIPE NCC recommend contacting law enforcement in the organization’s jurisdiction to assist in such matters mentioned above?
Laurens: We always recommend to contact the relevant authorities
if you are the victim of a crime.
Laurens also recommended contacting the holder of the parent IP block, Novogara LTD via email (only available method) at email@example.com. This is did not see to follow the documented protocol, so I asked additional follow up questions:
Me: You stated, “Finally, I do want to emphasise that I did double check our records before I sent my first email and we don’t have any reason to believe at this moment that the contact details are invalid.” What steps did you (RIPE NCC) take to complete this check? Did you contact the organization (Quasi Networks LTD) in any way to verify? Does RIPE NCC maintain a “backchannel” to organizations? You recommended that I “could also try to contact the holder of the parent IP block; maybe they are able to assist further.” I was not aware of this as the standard communication protocol per RIPE NCC policies regarding unresponsive abuse complaints to organizations. Is this something you recommended to try informally?
Laurens: 126.96.36.199/24 is a PA assignment and was created by our member Novogara LTD without the involvement of the RIPE NCC. For PA assignments you can indeed contact the holder of the parent block (as it is their address space). Quasi Networks LTD also holds AS29073 and the RIPE NCC did validate the registration details at the moment that they received the ASN.
So how does RIPE NCC policies differ from other Regional Internet Registries? In the case of invalid WHOIS details, there are indeed some differences. The American Registry for Internet Numbers (ARIN) will take action to contact organizations when they receive a report of invalid WHOIS data. Per Jonathan Roberts, ARIN Registration Services, ARIN will attempt to find updated contact information for invalid abuse records.
In my case, the attacks from Quasi Networks will continue unabated with no regulatory power from RIPE NCC to stop them. I have contacted firstname.lastname@example.org for assistance but have not received a response.