Russian Business Network study - bizeul.org
Russian Business Network study - bizeul.org
Russian Business Network study - bizeul.org
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
Version 1.0.1<br />
RBN <strong>study</strong> – before and after<br />
David Bizeul<br />
Authentication-Results: mx.google.com; spf=neutral (google.com:<br />
66.199.234.100 is neither permitted nor denied by best guess record<br />
for domain of tim@rbnnetwork.com) smtp.mail=tim@rbnnetwork.com<br />
Message-Id: <br />
Date: Thu, 18 Oct 2007 16:53:41 +0400<br />
From: tim <br />
Mail coming from Tim Jaret passed through a computer named relayserver and hosted on 66.199.234.100. This<br />
address is part of 66.199.224.0/19 (RR RC WebHostPlus Inc NYCity Peer1 Route Object ARBINET PROXY OBJECT).<br />
One has to remind that SBT-Tel had established a peering relation with Arbinet in UK.<br />
The first paragraph of this chapter offered clues that RBN gave wrong technical information. Now, we can guess that<br />
even RBN communication is completely wrong.<br />
Intensive cybercrime relations<br />
Even if it’s not sure RBN is using servers for their own malicious activities, there is no doubt that<br />
customers/partner/clients are knocking at RBN door because they know they will find a shelter here. As InterCage or<br />
HopOne, RBN has successfully built strong relations with local cybercrime gangs.<br />
Nowadays, malware are sold to customers and phishing are made with automated kits. Creators of these malicious<br />
programs need a hosting provider to propose their customer the stuff in a complete ASP mode. In this business model,<br />
an agreeing hosting partner is required. RBN is this partner.<br />
37