[nsp] 82/8 allocated to RIPE

Scott Granados scott@wworks.net
Sun, 24 Nov 2002 14:55:04 -0800


It just seems to me there should be a more automated way in some sense.

Wether the registry releases the updates in some sort of rpslish form which
could be automatically parsed or something similar.  When you require human
intervention there are to many people who will drop the ball.  Although I'm
totally in favor of blocking spammers and Ddos.  Its a difficult balance,
I'm just bitter from being on the side of a block which was and still is
having issues with people who don't update their filters.  I suspect your
right though with a strong process things should be better.

----- Original Message -----
From: "Rob Thomas" <robt@cymru.com>
To: "Cisco List" <cisco-nsp@puck.nether.net>
Sent: Sunday, November 24, 2002 9:03 AM
Subject: Re: [nsp] 82/8 allocated to RIPE


> Hi, Scott.
>
> ] If people can't keep current they shouldn't filter at all.
>
> If people can't manage such filters (requiring rare update, as already
> noted), I am left to wonder what else they aren't managing closely.  :/
>
> There are greater risks than simply DDoS by not filtering the
> unallocated space.  There have been at least two cases where spammers
> announced unallocated space, then used it to generate spam.  After
> issuing their spam, they unannounce the space.  Try to track that one
> down two days later...  :(  Oh, if you think spammers don't own small
> ISPs (and the accompanying ASNs), think again.
>
> Please keep in mind that in many (most?) places such filtering is a
> new process.  As with all new processes it will take time to polish
> them up to a fine, working order.  The end result is well worth it.
> If you don't believe me, feel free to tell me that after you've
> received 1Gbps+ from 1/8 or spam from 37/8.
>
> Thanks,
> Rob.
> --
> Rob Thomas
> http://www.cymru.com
> ASSERT(coffee != empty);
>
>
> _______________________________________________
> cisco-nsp mailing list  real_name)s@puck.nether.net
> http://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>