nanog mailing list archives

Re: Botnets buying up IPv4 address space

From: Benson Schliesser <bensons () queuefull net>
Date: Fri, 7 Oct 2011 18:47:19 -0500

The important outcome is that transfers are documented. Making it easier for sellers to update Whois (so it points to 
the buyer) will encourage documentation.  If "needs justification" is ever a disincentive to update Whois, then it will 
discourage documentation.

Granted, a seller that doesn't update Whois should be more worried about the reputation of the buyer. But regardless, 
it is incorrect to assume that "needs justification" will prevent bad actors from acquiring address blocks. Even bad 
actors can justify their need, and some of them might even (*gasp*) lie about it in order to get what they want. The 
result would look like a normal transfer (with justified need, a Whois update, etc) and yet would result in a bad actor 
becoming an address holder.

Cheers,
-Benson


On Oct 7, 2011, at 6:08 PM, Jimmy Hess wrote:

On Fri, Oct 7, 2011 at 1:11 PM, Joly MacFie <joly () punkcast com> wrote:

I'd welcome comments as to solutions to this. Or is it just scaremongering?

Probably scaremongering... but it does raise an interesting thought.

It provides another argument why RIRs don't need to abandon justified
need as a mandatory
criteria for transferring addresses to specified recipients out of
fear that  legacy and other
holders will engage in "unofficial" sales and transfers that they
intentionally fail to record via WHOIS.

The legacy holder/unofficial transferror would be putting the
reputation of their entire address block,
and their other allocations at risk;  if the buyer eventually hands
some of the unofficial allocation
to a spammer, either by accident, or intentionally, doesn't matter.

The holder of addresses that unofficially transferred them, could have
some major headaches,
including service-affecting headaches to their network...  just to
sell  spare IP addresses faster for
a few extra bucks;   when there is a legitimate process available
that doesn't have that risk?

--
-JH

Current thread:

Re: Botnets buying up IPv4 address space, (continued)
- - - Re: Botnets buying up IPv4 address space Richard Barnes (Oct 07)
    - Re: Botnets buying up IPv4 address space Florian Weimer (Oct 08)
    - Re: Botnets buying up IPv4 address space Jimmy Hess (Oct 08)
    - Re: Botnets buying up IPv4 address space Martin Millnert (Oct 09)
    - Re: Botnets buying up IPv4 address space Joel jaeggli (Oct 09)
    - Re: Botnets buying up IPv4 address space David Conrad (Oct 07)
  - Re: Botnets buying up IPv4 address space Randy Bush (Oct 07)
- Re: Botnets buying up IPv4 address space William Herrin (Oct 07)
  - Re: Botnets buying up IPv4 address space Christopher Morrow (Oct 07)
- Re: Botnets buying up IPv4 address space Jimmy Hess (Oct 07)
  - Re: Botnets buying up IPv4 address space Benson Schliesser (Oct 07)
    - Re: Botnets buying up IPv4 address space Jimmy Hess (Oct 07)
    - Re: Botnets buying up IPv4 address space Owen DeLong (Oct 07)