nanog mailing list archives
Re: Repeated Blacklisting / IP reputation
From: Joe Greco <jgreco () ns sol net>
Date: Tue, 8 Sep 2009 14:16:31 -0500 (CDT)
On Tue, 8 Sep 2009, Joe Greco wrote:It seems like it *could* be useful to have a system to notify of network delegation changes, but it also seems like if this was particularly important to anyone, then someone would have found a trivial way to implement at least a poor man's version of it. For example, record the ASN of a blocked IP address and remove the block when the ASN changes...That too, would be easily gamed by spammers. Just get multiple ASN's and bounce your dirty IPs around between them to clean them. The IP space being a direct (RIR->LIR) allocation having been made after the blocking was initiated is a pretty clear sign that the space has actually changed hands, and seems like it would be fairly difficult (if at all possible) to game.
Right, but they'll only do that if they're aware of such a system and it is significant enough to make a dent in them. Further, it would be a mistake to assume that *just* changing ASN's would be sufficient. The act of changing ASN's could act as a trigger to re-whois ARIN for an update of ownership, for example. The fact is that the information to trigger a re-query of ownership upon a redelegation sort-of already exists, though it is clearly imperfect. My point was that if it was actually useful to "notice" when an IP delegation moved, someone would already have made up a system to do this somehow. So my best guess is that there isn't a really strong incentive to pursue some sort of notification system, because you could pretty much do it as it stands. ... JG -- Joe Greco - sol.net Network Services - Milwaukee, WI - http://www.sol.net "We call it the 'one bite at the apple' rule. Give me one chance [and] then I won't contact you again." - Direct Marketing Ass'n position on e-mail spam(CNN) With 24 million small businesses in the US alone, that's way too many apples.
Current thread:
- Re: Repeated Blacklisting / IP reputation, (continued)
- Re: Repeated Blacklisting / IP reputation Justin Shore (Sep 08)
- Re: Repeated Blacklisting / IP reputation J.D. Falk (Sep 08)
- Re: Repeated Blacklisting / IP reputation William Astle (Sep 08)
- Re: Repeated Blacklisting / IP reputation Benjamin Billon (Sep 08)
- Re: Repeated Blacklisting / IP reputation Jay Hennigan (Sep 08)
- Re: Repeated Blacklisting / IP reputation Brian Keefer (Sep 08)
- RE: Repeated Blacklisting / IP reputation Frank Bulk (Sep 09)
- Re: Repeated Blacklisting / IP reputation Jon Lewis (Sep 08)
- Re: Repeated Blacklisting / IP reputation Joe Greco (Sep 08)
- Re: Repeated Blacklisting / IP reputation Jon Lewis (Sep 08)
- Re: Repeated Blacklisting / IP reputation Joe Greco (Sep 08)
- Re: Repeated Blacklisting / IP reputation Valdis . Kletnieks (Sep 08)
- Re: Repeated Blacklisting / IP reputation bmanning (Sep 08)
- Re: Repeated Blacklisting / IP reputation Joe Greco (Sep 08)
- Re: Repeated Blacklisting / IP reputation bmanning (Sep 08)
- Re: Repeated Blacklisting / IP reputation Ronald Cotoni (Sep 08)
- Re: Repeated Blacklisting / IP reputation Joe Greco (Sep 09)
- Re: Repeated Blacklisting / IP reputation Chris Hills (Sep 09)
- Re: Repeated Blacklisting / IP reputation James Cloos (Sep 12)
- Re: Repeated Blacklisting / IP reputation Joe Greco (Sep 12)
- Re: Repeated Blacklisting / IP reputation James Cloos (Sep 12)