New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
I quoted the correct information from MaxMind above, Serbia and Montenegro(CS) were not on the list.
To the best of my knowledge, СССР no longer has any IP blocks assigned to them, so your point is worthless. But, just for the sake of argument, let's say that it did. We'll pretend that 1.2.3.0/24 and 4.5.6.0/24 were both still assigned as Soviet. Since the USSR no longer exists, and each country has their own IP blocks now, it would be pretty damn suspicious if I suddenly had an order from an IP showing up as Soviet.
Now let's apply this scenario to the current situation. Since Serbia is no longer recognized as a country, and yet the IP blocks still exist... wouldn't it make sense to mark a transaction from a Serbian-allocated IP as pretty damn iffy? Or would you rather just go "Oh, a Serbian IP, I can't actually tell where this guy is, but surely there's no harm in selling something to him!"
(That was rhetorical, btw. I know full well that even if you were capable of running a hosting company, a decision like that would be one of your better ones.)
I don't understand your analogy because same way CS don't exist. Double standards? Because this is all what we're saying. CS don't exist. Treating two separate independed countries under same name is outdated.
@KuJoe maybe use updated list with different countries but maxmind still list both separated countries under one outdated name and country code almost everywhere. Some examples: http://www.maxmind.com/eu_country_list.txt, http://www.maxmind.com/app/phone_rate
@Spirit thank you for pointing that out, although both pages have nothing to do with how they handle fraud. If the countries do not have any IPs assigned to them then the chance of being marked as fraud is 0%, if the countries do have IPs assigned to them then they should always be marked as fraud since they do not exist. Your arguing about data points that have 0 impact on how their service works.
Care to explain this more clearly?
@Spirit - Alright, allow me to simplify it some. We'll go back to СССР as an example again. Let's go with our prior situation of 1.2.3.0/24 and 4.5.6.0/24 still being assigned as Soviet IP blocks (much like how Serbian IP blocks still exist). Now, here's two situations:
a) An order is placed from an IP registered to a Москва IP. Russia has their own IP blocks, so this IP shows properly as RU, and not Soviet. Maxmind gives it a clear pass.
b) An order is placed from 1.2.3.15. MaxMind recognizes this as a Soviet IP, and flags as high-risk. Not because all former-СССР countries are high risk, but because the use of an IP address assigned to a country that no longer exists is suspicious.
"Serbia" is not being flagged high-risk. The use of an old Serbian IP is. I really don't know how to simplify this any more, so we'll have to trust that you either figure it out, or hope you get bored and let the topic die.
So who potentially use those IPs? Who's potentially marked as fraud? Part of serbian population and part of montenegrian population? But not all? If I get IP from new serbian or montenegrian range I am good guy but if I get IP from old range I am potential fraudster? Sorry but this have no sense.
My knowledge on the competence of the ISPs that those blocks might have been assigned to is not sufficient to pass judgement. The best I can offer is the possibility of those IPs either being accidentally assigned (and someone taking advantage of the situation), or the IPs being intentionally assigned/used for malicious use.
Either way. MaxMind's flag exists not because of the probability of use of those IPs, but the possibility.
Then I see even bigger problem with old outdated CS listed as high-risk fraud "country" - because if that's correct what you said the best thing it can do is to radomly "punish" people from otherwise no high fraud risk population.
Spirit are you some sort of Serbian nationalist?
@gsrdgrdghd no I have never been in Serbia neither I have roots in Serbia but don't you think that your question is a bit out of order? We just discuss here.
But couldn't this be just matter of past - when CS actually existed? Nowaday those IPs could be easily mixed in IP pool of one or both countries and can randomly assigned by ISPs to ordinary Serbian or Montenegrian internet users.
With your explanation that maxmind don't consider two separated countries as high risk fraud, just their old IP ranges from times when they was part of one country some things are more clear now but from this point of view CS marked as high risk fraud still seems outdated to me as any residental user from Serbia and/or Montenegro can potentially get IP from those two ranges.
Yes, that's possible. But if the appropriate organizations (I'm unsure of who handles IP delegation in that region) are doing their jobs, then ISPs will only be issued the IPs they're supposed to have.
Think of it this way. If the military base near you was supposed to receive a crate of ordinance, but it was delivered to your house by mistake... would you rather the postal service simply drop it at your door without question? Or should they stop and realize that they shouldn't be delivering weaponry to a civilian?
Bottom line is, shit happens. The Serbian IPs should've been reassigned long ago, but they weren't. MaxMind can't control that, but they can flag those IPs as high-risk to help protect providers. And even if an innocent user does end up with one, and gets auto-flagged as Fraud because of it, there's really nothing stopping them from opening a support ticket and getting things straightened out with the provider.
Serbia does exist as a country and it has IP blocks assigned. Serbia and Montenegro does not exist, not it has it's own IP blocks anymore. Why is that so difficult to understand?
Serbia and Montenegro = one county with a weird name, stopped existing somewhere in 2006, we have 3 countries from it now: Serbia, Montenegro (officially recognized and members of UN) and Kosovo (not fully recognized yet). Serbia and Montenegro have their own IP blocks now, Kosovo doesn't (AFAIK).
The list I quoted is from whmcs which I believe is what you're using, and not maxmind directly, so the list could be outdated. I couldn't find the full list on mixmind, can someone else find it?
Either way, I believe maxmind does a good job with their other checks (if IP differs from the country specified for example) but marking the whole country as a fraud for some unknown reasons is just plain stupid.
Apologies, that was merely poor phrasing in attempt of expedience. Just replace Serbia(n) with CS in my examples.
They do not mark the countries as fraud, the company who uses them marks them as fraud. There is a checkbox to block all "high risk countries" but this is a feature in WHMCS, not MaxMind. MaxMind does their ratings based on scores from different factors.
As for the unknown reasons, they clearly state their reasons for marking them as high risk.
But this opens new questions like.. why ISPs supposed no to have IPs from those ranges? Is there anything against reassigning them back to serbian or montenegrian ISPs? Imho. there are big chances that residental users use those IPs and maxmind mark them as fraud risk from times when CS existed.
That would be a question for the organization responsible for delegating those IPs. I'm merely BuyVM's billing tech; such matters are beyond my range of experience.
We're just discussing and I don't expect from you to know everything or to be right everytime
Heh. Well, if I were to guess, I would say either procrastination or laziness from the delegating authority (based on observations of China's distribution of their latest IP blocks). I have to run a ton of manual checks on CN clients that end up being given a Beijing IP, regardless of their actual location. Somebody is definitely dropping the ball somewhere >_<
Do chinese IPs even have anything useful at all? It's alawys like super-beijing-huamen-province-network with nothing else, no isp names, no rdns, etc
But then.. sorry for asking again... isn't then Serbia and Montenegro(CS) marked as high fraud risk really outdated? Yeah, I know... I am again with question on beginning but this what you previously explained (blacklisted IP ranges not country) make this list even more outdated. Look at this... you said that Serbia (and most likely Montenegro too) isn't marked as high fraud risk, but part of Serbian and/or Montenegrian population use old IPs delegated to CS. So maxmind/whmcs/whatever... now ban part of serbian or/and montenegrian population based on old CS (which don' exist more than half decade) experience and part of then (with new IP ranges) don't?
Wouldn't be then maxmind/whmcs/whatever blacklist more up-to-date without old CS IPs marked as high fraud risk as those IP ranges are nowaday most likely used in countries which aren't marked as high fraud risk?
AFAIK snowshoe spammers and etc like to 'hijack' legacy/outdated ranges with dropped or no poc too
Really? I was looking for reasons why they mark Romania as high risk and couldn't find anything except some generic reasons. Where am I supposed to look?
Yes, there's always some milli-percent posability that Serbian telecom, national ISP under owership of Serbian government which as example decade or two ago got those IP ranges from RIPE nowaday sell them to snowshoe spammers instead to ordinary residental users! :-)
Don't forget that we're talking about IPs of former CS, about IPs succeded by one or both countries which aren't marked as high fraud risk.
@Spirit; If you don't trust MaxMind, then don't use it. Seriously, if you have that many doubts about MaxMind... why don't you ask them directly? It's better than wasting time speculating whether this or that.
Not sell. As in, they falsely will claim and fax/spoof emails to RIPE and any LIR/RIR/anyone listening saying to announce it at [random fraudulently padi host] for ranges that haven't "seen use" in a bit.
@AsuraHosting what about to read conversation before pointless irrelevant commenting? I never said that I use or have need to use maxmind. But we're here to discuss... on discussion board. Can you imagine? So next time before you appear with your signature in some random thread to post random nonsense without any participation to thread try atleast to read what we're talking about.
@justinb yes that's always possible. But then again... we're talking about blacklisted IPs of whole former country.
I have read the whole post from beginning to end; you shouldn't assume. But the fact that you are arrogant and won't accept the information presented to you by Aldryic makes me think nothing will convince you to think otherwise.
Instead of what you call "discussing"; why don't you go straight to the source? It is the best solution.
And what I say is never nonsense, it's logic and reasoning.
Hey, I took information presented to me by Aldryic. Where did you get that? I didn't know that RS and ME aren't blacklisted but old CS IP range only - as Aldryc explained. But this just brought more answers and potential problems regarding topic to discuss about. What's bothering you? We're here to discuss about certain topic so like me or not... try to participate to thread regarding topic instead comming out of nowhere to trolling participants personally. You don't contribute to anything with that.
There are some threads which don't interest me. So I don't bother with them. I suggest you to do the same and let us others to discuss.
There are only 2 -3 posts offtopic spam which have nothing to do with this thread. This one and all yours. I can only thank to @Aldryc, @justinb, @vedran.. for participating in discussion even if there is some disagreement or lack of understanding on moments but what about you? Look at our last few posts and your great "contribution" to discussion. It seems more like need to post some random offtopic nonsese to show advertising signature.
Please @AsuraHosting stop ruining otherwise decent thread and go trolling somewhere else unless... damage is done already and you won your personal pissing contest?