[117377] in North American Network Operators' Group
Re: Repeated Blacklisting / IP reputation
daemon@ATHENA.MIT.EDU (Joel Jaeggli)
Fri Sep 11 07:15:09 2009
Date: Fri, 11 Sep 2009 04:13:20 -0700
From: Joel Jaeggli <joelja@bogus.com>
To: Peter Beckman <beckman@angryox.com>
In-Reply-To: <alpine.BSF.2.00.0909101018240.85863@nog.angryox.com>
Cc: John Curran <jcurran@arin.net>, "nanog@nanog.org" <nanog@nanog.org>,
Alex Lanstein <ALanstein@FireEye.com>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
Peter Beckman wrote:
> On Thu, 10 Sep 2009, Mark Andrews wrote:
>
>> What a load of rubbish. How is ARIN or any RIR/LIR supposed to
>> know the intent of use?
>
> Why don't we just blacklist everything and only whitelist those we know
> are good?
>
> Because the cost of determining who is good and who is not has a great
> cost. If you buy an IP block, regardless of your intent, that IP block
> should not have the ill-will of the previous owner passed on with it.
You don't buy IP blocks or at least not from ARIN. Among other things
that ARIN does not guarantee is routability.
> If
> the previous owner sucked, the new owner should have the chance to use
> that IP block without restriction until they prove that they suck, at
> which point it will be blocked again. That system seems to work well
> enough: blacklist blocks when they start to be evil, according to your own
> (you being the neteng in charge) definition of evil.
>
> ARIN needs to be impartial. If they are going to sell the block, they
> should do their best to make a coordinated effort to make sure the block
> is as unencumbered as possible. I get that there is a sense that ARIN
> needs to do more due diligence to determine if the receiving party is
> worthy of that block, but I'm not aware of the process, and from the
> grumblings it doesn't seem like fun.
>
>> Note we all could start using IPv6 and avoid this problem altogether.
>
> Because as we know IPv6 space is inexhaustible. Just like IPv4 was when
> it began its life. ;-)
>
> That won't avoid the problem, it will simply put the problem off until it
> rears its head again. I'm sure that IPv6 space will be more easily gotten
> until problems arise, and in a few years (maybe decades, we can put this
> problem on our children's shoulders), we'll be back where we are now --
> getting recycled IP space that is blocked or encumbered due to bad
> previous owners.
>
> Beckman
> ---------------------------------------------------------------------------
> Peter Beckman Internet Guy
> beckman@angryox.com http://www.angryox.com/
> ---------------------------------------------------------------------------
>