* http://www.emergingthreats.net/rules/emerging-rbn.rules

* http://www.emergingthreats.net/rules/emerging-rbn-BLOCK.rules

"Call these hosts what you like, we see a large amount of hostile activity from these nets, and get little to no abuse response for takedown. Do what you will with this information." - Matt Jonkman

Russian Business Network background information compiled by JamesMcQuaid:

From JamesMcQuaid:

• RussianBusinessNetworkIPs.txt Updated 3-5-2010: IP address ranges from which the former customers of the RBN ISP, their malware marketing affiliate networks, and other similarly structured organized crime groups exploit consumers. Block at will. Test for your production environment prior to utilization.
• RBNIdentities.txt Registrant nom de guerres associated malicious and infected domains.

From Jart Armin: http://rbnexploit.blogspot.com

From Brian Krebs:

• http://blog.washingtonpost.com/securityfix/2007/11/russian_business_network_down.html
• http://blog.washingtonpost.com/securityfix/2007/10/mapping_the_russian_business_n.html
• http://blog.washingtonpost.com/securityfix/2007/10/taking_on_the_russian_business.html
• http://www.washingtonpost.com/wp-dyn/content/story/2007/10/12/ST2007101202661.html?hpid=moreheadlines
• http://www.washingtonpost.com/wp-dyn/content/article/2007/10/12/AR2007101201700.html?sub=new

From Spamhaus:

• http://www.spamhaus.org/rokso/evidence.lasso?rokso_id=ROK7740
• "The Russians Go Chinese": http://www.spamhaus.org/rokso/evidence.lasso?rokso_id=ROK7829
• http://cidr-report.org/cgi-bin/as-report?as=AS43603
• http://cidr-report.org/cgi-bin/as-report?as=AS42811
• http://cidr-report.org/cgi-bin/as-report?as=AS43259
• http://cidr-report.org/cgi-bin/as-report?as=AS43702
• http://cidr-report.org/cgi-bin/as-report?as=AS43188
• http://cidr-report.org/cgi-bin/as-report?as=AS42672
• http://cidr-report.org/cgi-bin/as-report?as=AS42662

From Dancho Danchev: http://ddanchev.blogspot.com/

From David Bizeul: http://isc.sans.org/presentations/RBN_study.pdf

From Shadowserver: 'Clarifying the "guesswork" of Criminal Activity': http://www.shadowserver.org/wiki/uploads/Information/RBN-AS40989.pdf

Wikipedia: http://en.wikipedia.org/wiki/Russian_Business_Network

-- JamesMcQuaid - 11 August 2009