[194047] in North American Network Operators' Group
Re: Purchased IPv4 Woes
daemon@ATHENA.MIT.EDU (Chris Knipe)
Sun Mar 12 14:03:12 2017
X-Original-To: nanog@nanog.org
In-Reply-To: <ae24a894-24e3-9f94-977a-c16a49adceb9@gmail.com>
From: Chris Knipe <savage@savage.za.org>
Date: Sun, 12 Mar 2017 20:01:34 +0200
To: Baldur Norddahl <baldur.norddahl@gmail.com>
Cc: nanog list <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org
On Sun, Mar 12, 2017 at 7:53 PM, Baldur Norddahl <baldur.norddahl@gmail.com>
wrote:
>
>
> On 12/03/2017 at 18.14, Brielle Bruns wrote:
>
>> http == TCP
>> DNS == (usually) UDP
>>
>> Big difference here. One requires a three way handshake tearup/teardown,
>> the other does not.
>>
>> It is not an apples to apples comparison.
>>
>>
> You can replicate (download) the whole WHOIS if you need to. There is also
> no requirement that removal from reputation lists is instant. We would be
> good if it happened just within a month or even half a year. The situation
> now is however that you will never have it removed and many reputation
> services will ignore you if you try to contact them for manual removal.
>
> At least in the RIPE managed space there IS a reliable way to know for
> sure who owns a block. Can you know that the new owner is any better than
> the old? Of course not, but that is true even for "fresh" address space.
>
> I am not a fan of reputation services that blacklist forever. It is just
> wrong and open for abuse of power. But not much I can do about that other
> than not using their service.
>
>
Also, no reason why a UDP (or DNS based even) query can't be implemented to
facilitate reputation lookups for ASNs, or even ownership.
--
Regards,
Chris Knipe