The huge IP address of 'DDoS-Guard' that supports the revival of SNS / Parler will be canceled



Parler, an unmoderated SNS that emphasizes freedom of expression, has been forced out of the Internet as the cause of the attack on the US Capitol on January 6, 2021. It was. Parler was once thought to be unrecoverable, but the browser version will be revived on January 18th. However, security journalist Brian Clegg reports that DDoS-Guard, which serves the resurrected Parler, has been withdrawn from providing IP addresses.

DDoS-Guard To Forfeit Internet Space Occupied by Parler — Krebs on Security
https://krebsonsecurity.com/2021/01/ddos-guard-to-forfeit-internet-space-occupied-by-parler/

Parler, whose app was deleted by Apple and Google and stopped providing services by Amazon , was said to 'may not be revived', but the browser version will be revived from January 18, 2021 Did. Parler CEO John Matz has declared on the browser version of Parler's home page that it will continue to be a moderation-free social network.

SNS 'Parler' that was excluded from Apple, Google, Amazon and service stopped is revived --GIGAZINE



It has been pointed out that Parler, which has been denied service by Amazon and others, was able to restore the service because it uses DDoS-Guard. DDoS-Guard is a Russian-based cloud service that is said to host services related to cybercrime.

According to a report by security researcher Ron Guilmet, there have been cases where services that cannot use regular hosting services are switched to DDoS-Guard. In October 2020, after Internet provider CNServers in Oregon, USA took offline services such as 8chan and 8kun that connect with organizations such as QAnon, these web services are said to have switched hosting to DDoS-Guard.

Like CloudFlare and others, DDoS-Guard does not host websites directly, but blocks malicious traffic before it reaches the web server, preventing DDoS attacks and protecting sensitive information. DDoS-Guard employees are primarily based in Russia, but Scotland's Cognitive Cloud LLP and Central America's Belize's DDoS-Guard Corp also function as part of DDoS-Guard. On the other hand, employees of Belize companies are not disclosed, and Central American companies are not included in the global map.



According to a survey, the above two companies are assigned more than 11,000 Internet addresses. And according to Guilmet, 66% of them were given to Cognitive Cloud LLP by the

Latin American and Caribbean Network Information Center (LACNIC) . From this, Guilmet believes that DDoS-Guard established a paper company in Central America and acquired a large number of IP addresses that would otherwise be given only to physically existing companies.

Following a report from Guilmet, LACNIC conducted an investigation and announced that it would revoke the 8192 IPv4 addresses provided by DDoS-Guard. This address also includes the address assigned to Parler. According to the announcement, the cancellation will take effect on February 24, 2021.



In response, DDoS-Guard CEO Evgeny Manchenko has stated that the company has a company in Belize and is not doing anything wrong. In an email to KrebsOnSecurity, Manchenko said, 'There is nothing illegal or radical. We provide global services, so we have employers and representatives in different countries of the world. We have. The same is true for the Latin American region. '

Guilmet said that DDoS-Guard can deal with the above measures by moving the address of Parler and other websites to networks in other regions, but LACNIC received a report from Guilmet and was on site. I think that the operation of the Internet registry of is a big achievement.

In addition, the Internet registry that has jurisdiction over the African region AFRINIC was announced on January 21 (PDF file) report in, IPv4 address that more than 2.3 million is to divert the 'legal authority without resources of AFRINIC, for no good reason It is distributed to the organization. '

Related Posts:

in Web Service,   Security, Posted by darkhorse_log