Re: [nanog] PIR.org contact me, ASAP, please?

["Dan Mahoney (Gushi)" <danm () prime gushi org>]

On Wed, 18 Dec 2024, Dan Mahoney wrote:

> Hey there,
>
> Dayjob recently got a report from compliance () tucows com alleging that an old, historic bind9.tar.gz.asc (a 
> plain-text checksum file) on ftp.isc.org is malware.  It’s not.  It’s a false positive.
>
> Additionally, the URL they sent to vew the reporting material is http-only, and does not work, but it’s not hosted by 
> tucows/hover, it’s hosted at http://url4091.abuse-report.pir.org, is http-only (what year is it?) and doesn’t work!  
> Nor does that report actually come out and say what the file in question is, it’s only shown in an attached screenshot.
>
> Given what recently happened to another important internet domain (one of our IP providers) being put on administrative 
> hold due to basically one complaint of fraud, I am incredibly concerned.
>
> I’ve been in touch with the registrar that holds our domain name about this (Hover/Tucows), and I’ve got a direct line 
> with the CTO, but I need assurances that this will not lead to obnoxious actions, a week before Christmas.
>
> -Dan
> (From personal address, but with very much DayJob hat on)

Whoops, helps to add:

email dmahoney at isc org (but cc ray@)
phone 703-DEV-24x7 (txt/imessage, but identify yourself in the first 
volley)

-Dan

--