funsec mailing list archives
Re: "Russian Police And Internet Registry Accused Of AidingCybercrime"
From: Dan White <dwhite () olp net>
Date: Thu, 22 Oct 2009 09:23:02 -0500
On 21/10/09 18:56 -0400, der Mouse wrote:
Nor should they, I think, per se. It's when they involve abuse of their assigned resources that the RIR has to step up and enforce the responsibility that goes with authority. Independent of whether that abuse happens to be legal, or not, in any jurisdiction. Or, of course, not do so, and watch the abuses grow until they kill the goose that's laying such golden eggs, instead of spending a few eggs to ensure the goose's long-term survival.
There's not really a whole lot that RIRs can do about abuse, once it's out of the bag. RIRs just sign contracts with assignees and hand out numeric resources to them (ASNs and addresses). It's up to transit providers and ISPs to determine how those resources get used. For instance, here's a list of address blocks being advertised that have not been properly allocated via the IANA/RIR process: http://thyme.apnic.net/rviews/data-add-IANA There are probably some spammers in the list who just picked out a block out of the air and started advertising it. IANA can't do anything, because they just have relationships with the RIRs (unless they have a legacy relationship with an assignee from when before RIRs existed). RIRs have contracts with assignees, but don't have much of a stick to poke at the tier-1 transits - transit providers are probably RIR customers, but RIRs don't get in the business of telling transits how to route traffic. That's as a function they don't have the technical expertise or legal right to oversee. The point at which RIRs *do* need to do something is when there is a request for resources. If they don't take due diligence is determining the validity of those requests, they open themselves to lawsuits from ISPs who are denied resources, such as when IPv4 resources start to deplete. -- Dan White _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- "Russian Police And Internet Registry Accused Of Aiding Cybercrime" Paul Vixie (Oct 21)
- Re: "Russian Police And Internet Registry Accused Of AidingCybercrime" Buhrmaster, Gary (Oct 21)
- Re: "Russian Police And Internet Registry Accused Of AidingCybercrime" der Mouse (Oct 21)
- Re: "Russian Police And Internet Registry Accused Of AidingCybercrime" Dan White (Oct 22)
- Re: "Russian Police And Internet Registry Accused Of AidingCybercrime" der Mouse (Oct 21)
- Re: "Russian Police And Internet Registry Accused Of Aiding Cybercrime" Alex Lanstein (Oct 21)
- Re: "Russian Police And Internet Registry Accused Of Aiding Cybercrime" chris (Oct 22)
- Re: "Russian Police And Internet Registry Accused Of Aiding Cybercrime" Jon Kibler (Oct 22)
- Re: "Russian Police And Internet Registry Accused Of Aiding Cybercrime" David Harley (Oct 22)
- Re: "Russian Police And Internet Registry Accused OfAiding Cybercrime" David Harley (Oct 22)
- Re: "Russian Police And Internet Registry Accused OfAiding Cybercrime" chris (Oct 22)
- Re: "Russian Police And Internet Registry Accused OfAiding Cybercrime" Valdis . Kletnieks (Oct 22)
- Re: "Russian Police And Internet Registry Accused OfAiding Cybercrime" David Harley (Oct 23)
- Re: "Russian Police And Internet Registry Accused Of Aiding Cybercrime" Jon Kibler (Oct 22)
- Re: "Russian Police And Internet Registry Accused Of AidingCybercrime" Buhrmaster, Gary (Oct 21)