Back in September of 2018, Swiftnode began leasing IP space from RIPE LIR Prager-IT (legally Prager Connect GmbH) of Mitterlingweg 37, 8055 Graz, Austria. This relationship would continue until August 19, 2022. Throughout our leasing period, we were both proactive and transparent in preventing abuse on our network. In the past 3 years and 10 months of our contract with Prager-IT, we sustained a total of 3 abuse reports. (Timestamps and notes listed below)
December 20, 2019 - 12:04 PM EST | Spam compliant for a single /32 | 22 Minutes - Resolved at 12:26 PM EST |
September 23, 2021 - 10:34 AM EST | Bittorrent activity for a single /32 | 12 Minutes - Resolved at 10:46 AM EST |
July 18, 2022 - 11:26 AM EST | Erroneous/bogus Hetzner report (see below) | N/A |
The final report above originated from Hetzner Online GmbH, a well known internet service provider and datacenter based in Germany. Upon receiving the report, we immediately began investigating the cause. While reviewing the abuse report and attached logs, it became clear that this was an erroneous/bogus abuse report. It was the result of someone spoofing one of our /32 into a bunch of random destinations, so that those random destinations would provide an amplified response, resulting in a denial of service for our /32. However, since Prager-IT utilizes an automatic nullrouting system, the single /32 was blackholed beyond our network, and therefore our customers were offline.
We immediately reached out to Hetzner, who promptly confirmed that the abuse report was closed on their end after our explanation of the above. We also immediately reached out to Prager-IT, both via their support system which recorded the erroneous "abuse report" from Hetzner, and via Skype to Stefan Prager, the owner of Prager-IT. Our ticket with Prager-IT has not received any human response since July 18, 2022, and our Skype communications have also gone unnoticed and unanswered. Since our customers remained nullrouted as a result of this erroneous abuse report, we continued to update the Prager-IT support ticket, the Skype conversation, and attempted calls to their office, hoping to have the nullroute cleared so customer access could be restored.
During this time, we also requested that Hetzner revise their automated abuse reporting system to account for the ability to spoof packets, but it seems as though the people who developed said system are either no longer with the company, or impossible to contact. The representatives we spoke with at Hetzner do not understand basic functions of the internet, nor do they seem to understand that spoofing is even possible. Since July 20, 2022, we have been waiting for Hetzner representatives to provide a response to this criticism/concern, we were told they would get back to us soon, it has now been one month, and they have failed to provide any such statement.
As of today, more than a dozen attempts to obtain a human response have gone unanswered by Prager-IT, and it has been 33 days that Prager-IT has not responded on their ticket system, their phone numbers, or their Skype.
On the bright side, and in the midst of Prager-IT completely failing to provide timely support, or the services which we paid for, we signed a new leasing agreement with Psychz Networks, our primary upstream provider. We were able to successfully migrate all our customers off the Prager-IT owned range within a relatively short time frame.