[80391] in North American Network Operators' Group
RE: Schneier: ISPs should bear security burden
daemon@ATHENA.MIT.EDU (Miller, Mark)
Fri Apr 29 17:34:11 2005
Date: Fri, 29 Apr 2005 15:32:56 -0600
From: "Miller, Mark" <mark.miller@qwest.com>
To: <nanog@merit.edu>
Errors-To: owner-nanog@merit.edu
Unfortunately, a lot of static "business" DSL IP space is still on
those lists and legitimate mail servers can get blocked. I usually use
the DUL as a "white list" to negate hits on the traditional dnsbls since
those are almost always stale.
- Mark
-----Original Message-----
From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu] On Behalf Of
Dave Rand
Sent: Friday, April 29, 2005 4:07 AM
To: Steve Sobol; Mark Newton
Cc: Owen DeLong; Bill Stewart; North American Networking and Offtopic
Gripes List
Subject: Re: Schneier: ISPs should bear security burden
[In the message entitled "Re: Schneier: ISPs should bear security
burden" on Apr 28, 10:20, "Steve Sobol" writes:]
> There are some basic rules of thumb you can use. The problem is that=20
> they're not guaranteed to work. The best solution was created years=20
> ago (Gordon Fecyk's DUL, which lists IP ranges the ISPs specifically=20
> register as dynamic/not supposed to host servers) and eventually came=20
> under the purview of Kelkea/MAPS, but there wasn't a ton of ISP=20
> buy-in. If we could create a similar list and actually get ISPs to=20
> register the appropriate netblocks (and not mix in IPs where servers=20
> are allowed, and IPs where they aren't, in the same block), that'd be
great.
Dunno what a ton of ISP buy-in is, but the MAPS DUL now contains about
190,000,000 entries. We've been working on it very hard for the last
year or two. Most ISP-level subscribers figure it stops a pretty large
percentage of the compromised-home-computer spam.
--=20
