[117265] in North American Network Operators' Group


Re: Repeated Blacklisting / IP reputation

daemon@ATHENA.MIT.EDU (Jon Lewis)
Tue Sep 8 15:02:48 2009

Date: Tue, 8 Sep 2009 15:01:57 -0400 (EDT)
From: Jon Lewis <jlewis@lewis.org>
To: Joe Greco <jgreco@ns.sol.net>
In-Reply-To: <200909081852.n88IqZ2g090979@aurora.sol.net>
Cc: John Curran <jcurran@arin.net>, "nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org

On Tue, 8 Sep 2009, Joe Greco wrote:

> It seems like it *could* be useful to have a system to notify of network
> delegation changes, but it also seems like if this was particularly
> important to anyone, then someone would have found a trivial way to
> implement at least a poor man's version of it.  For example, record
> the ASN of a blocked IP address and remove the block when the ASN
> changes...

That, too, would be easily gamed by spammers.  Just get multiple ASNs and 
bounce your dirty IPs around between them to clean them.  The IP space 
being a direct (RIR->LIR) allocation having been made after the blocking 
was initiated is a pretty clear sign that the space has actually changed 
hands, and seems like it would be fairly difficult (if at all possible) to 
game.

----------------------------------------------------------------------
  Jon Lewis                   |  I route
  Senior Network Engineer     |  therefore you are
  Atlantic Net                |
_________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
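
Added example, not part of the original message: one way a blocklist maintainer could implement the check described above, delisting an address only when its covering block shows a direct delegation dated after the listing. It assumes the pipe-separated RIR "delegated" statistics file format as input; the function names and the sample records (documentation address ranges) are constructed for illustration.

```python
import ipaddress
from datetime import date, datetime

# Constructed sample in RIR "delegated" statistics format:
# registry|cc|type|start|count|date|status
SAMPLE_DELEGATIONS = """\
arin|US|ipv4|192.0.2.0|256|20090801|allocated
arin|US|ipv4|198.51.100.0|256|20010315|allocated
arin|US|asn|64500|1|20090901|assigned
arin|ZZ|ipv4|203.0.113.0|256||available
"""

def parse_delegations(text):
    """Yield (first_ip, last_ip, delegation_date) for dated IPv4 delegations."""
    for line in text.splitlines():
        fields = line.strip().split("|")
        # Skips header, summary and non-IPv4 records (ASN changes are ignored
        # on purpose: they are the signal the message says is easy to game).
        if len(fields) < 7 or fields[2] != "ipv4":
            continue
        if fields[6] not in ("allocated", "assigned"):
            continue
        try:
            when = datetime.strptime(fields[5], "%Y%m%d").date()
        except ValueError:
            continue  # missing or placeholder date: no proof of a change of hands
        first = int(ipaddress.IPv4Address(fields[3]))
        yield first, first + int(fields[4]) - 1, when

def reallocated_since_block(ip, blocked_on, delegations_text):
    """Return the delegation date if the covering block was delegated after
    the listing date; return None when the listing should stay."""
    addr = int(ipaddress.IPv4Address(ip))
    for first, last, when in parse_delegations(delegations_text):
        if first <= addr <= last:
            return when if when > blocked_on else None
    return None  # address not found: no evidence, keep the listing

if __name__ == "__main__":
    listed = date(2008, 5, 1)  # constructed listing date
    for ip in ("192.0.2.10", "198.51.100.7", "203.0.113.5"):
        print(ip, "->", reallocated_since_block(ip, listed, SAMPLE_DELEGATIONS))
```
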

