North American Network Operators Group|
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical
RE: Abuse procedures... Reality Checks
Stephen: Are you saying that if there's nefarious IP out there let's automatically blacklist the /24 of that IP? J. Oquendo was describing his own methods and they sounded quite manual, manual enough that he's getting down to a /8 as necessary to blacklist a non-responsive operator. My point is that if you're going to block something, either block the /32 or do the research to justify blocking a larger group. And despite ToS, I think many operators are running automated lookups, and there are lots of examples out there for ARIN. Frank -----Original Message----- From: Stephen Satchell [mailto:list@xxxxxxxxxxxx] Sent: Saturday, April 07, 2007 5:44 PM To: frnkblk@xxxxxxxxx Cc: nanog@xxxxxxxxx Subject: Re: Abuse procedures... Reality Checks Frank Bulk wrote: > [[Attribution deleted by Frank Bulk]] >> Neither I nor J. Oquendo nor anyone else are required to >> spend our time, our money, and our resources figuring out which >> parts of X's network can be trusted and which can't. > > It's not that hard, the ARIN records are easy to look up. Figuring out that > network operator has a /8 that you want to block based on 3 or 4 IPs in > their range requires just as much work. It's *very* hard to do it with an automated system, as such automated look-ups are against the Terms of Service for every single RIR out there. Please play the bonus round: try again.