In message <cakcp59jpjt2lsutrtgasleutdscrvbwq0_cuas8lavnaapq...@mail.gma il.com>, Anushah Hossain <anus...@icsi.berkeley.edu> writes
> >surprisingly, I haven't seen the request on any other lists that
> are (a)
> relevant and (b) open -- perhaps they and their project team are
> not
> especially well connected in this space :(
>
> This is true. We were advised to share to RIPE and regional NOG
> mailing lists. Are there others you would have recommended?
ask the APWG to circulate the request to their members, and you might do
the same with M3AAWG
> > as John Levine already noted, the questionnaire seems somewhat
> confused
> as to whether it cares about routing issues (bogon lists, the
> Spamhaus
> DROP list etc) or spam filtering (bad domains, phishing feeds,
> botnet
> IPs etc etc)
>
> Hm, I think we are interested in quite the range of blacklists.
The issues will vary considerably between different types of list
> Here is a table of what my colleagues are monitoring:
>
> image.png
>
> >it also asked if internally generated lists were used, but seemed
> curiously uninterested in anything other than if the answer to that
> was
> yes or no -- a missed opportunity I thought.
>
> What would you have recommended probing here?
you could have asked an open ended question which asked what they did,
how they were built, why they were built in house and how significant
they were.
> I have been conducting interviews with those
> working in abuse prevention (even at some of the companies that
> have been mentioned upthread) to collect more specific anecdotes
> about how dynamic addressing has lowered the accuracy of certain
> feeds,
we've had DHCP for decades (and everyone knows the issues) ... are you
sure they weren't discussing Carrier Grade NAT ?
> for example, or how errors in geo-IP feeds affected them.
my own impression of these is that you get what you pay for ... but
unless you are buying proxies I'm sceptical that large scale abuse
filtering systems use this type of info as more than a one indicator
amongst many.
if you buying a proxy you may care a lot more !
Zachary Weinberg, Shinyoung Cho, Nicolas Christin, Vyas Sekar, and
Phillipa Gill. How to Catch when Proxies Lie: Verifying the Physical
Locations of Network Proxies with Active Geolocation. In Proceedings
of the 2018 ACM Internet Measurement Conference (IMC'18). Boston,
MA. October 2018.
--
richard Richard Clayton
Those who would give up essential Liberty, to purchase a little temporary
Safety, deserve neither Liberty nor Safety. Benjamin Franklin 11 Nov 1755
signature.asc
Description: PGP signature
