[194058] in North American Network Operators' Group
Re: Purchased IPv4 Woes
daemon@ATHENA.MIT.EDU (Harry McGregor)
Sun Mar 12 20:02:09 2017
X-Original-To: nanog@nanog.org
To: nanog@nanog.org
From: Harry McGregor <hmcgregor@biggeeks.org>
Date: Sun, 12 Mar 2017 17:02:04 -0700
In-Reply-To: <1bc1078b-a7c5-cdb0-e134-1b60581af17f@tccmail.ca>
Errors-To: nanog-bounces@nanog.org
Hi,
This is why I moved away from static black lists years ago. When the
68/8 and 24/8 blocks were released and tons of networks had it blocked
since it was "reserved" I observed and felt the pain.
My networks are small, and I rely on things such as fail2ban which auto
remove the blocks.
I would be willing to bet that many of the network operators/admins that
blocked your range are either not in the job any more or even dead. No
one in the company knows the blocks exist...
-Harry
On 03/12/2017 04:51 PM, Pete Baldwin wrote:
> So this is is really the question I had, and this is why I was
> wanting to start a dialog here, hoping that it wasn't out of line for
> the list. I don't know of a way to let a bunch of operators know that
> they should remove something without using something like this mailing
> list. Blacklists are supposed to fill this role so that one
> operator doesn't have to try and contact thousands of other operators
> individually, he/she just has to appeal to the blacklist and once
> delisted all should be well in short order.
>
> In cases where companies have their own internal lists, or only
> update them a couple of times a year from the major lists, I don't
> know of another way to notify everyone.
>
> I get why people are more cautious and filter entire blocks when
> just a few hosts are attacking/spamming them, and everyone has a
> choice on how they want to handle these situations. As an ISP, I want
> to do as little filtering as possible. I want all of my customers to
> have access to everything possible. If a netblock changes hands, I
> want to give the new owner the benefit of the doubt and only filter
> traffic if it repeats the same old behaviour. We're all using this
> finite space and I don't want to let the hostile minority slowly ruin
> what's left of the ipv4 assignments.
>
>
> -----
>
> Pete Baldwin
> Tuckersmith Communications
> (P) 519-565-2400
> (C) 519-441-7383
>
> On 03/12/2017 11:40 AM, valdis.kletnieks@vt.edu wrote:
>> How do all the AS's that have their own internal blacklists find out
>> that
>> they should fix their old listings?
>
