Re: Telenor AS8210 and AS8434 technical contact?
Anonymous List User [EMAIL PROTECTED] writes: I must apologize for posting this anonymously. Can anybody provide me with a technical contact at Telenor (AS8210 and AS8434) to discuss European Teleport / VSAT network issues? Did you try the contacts listed in the RIPE database? Contact me offlist if you have problems reaching any of them. Bjørn
Questions about populating RIR with customer information.
Up until recently, we were only providing the RIR database with information about our larger allocations /24 or larger. We have noticed however that many anti-spam organizations such as Spamhaus, and Fiveten will use the lack of information regarding an IP allocation as a blank check to blacklist entire /24s when they are really targeting a single /30 or a /29. As such we are examining publishing information for all allocations in the RIR database (/30s, /29s, etc). My question, mostly is related to the privacy of the customer whom the space is being allocated to. Has anyone ever had an issue where they have published a user's information and the user had an issue with it? Is there some way that we can 'proxy' the information so that it simply states that the /29 has been allocated to a customer but it doesn't provide their contact information? Most of our customers are co-location and dedicated hosting customers and we are simply unsure whether or not there are implications (legal or otherwise) in publishing our customer data in a public RIR database. Does anyone have any thoughts on this? Sorry if this is the wrong place to ask. Thanks, -Drew
RE: Questions about populating RIR with customer information.
Does anyone have any thoughts on this? Sorry if this is the wrong place to ask. First of all, this strikes me as a legal and policy decision. For the legal aspects you should ask your lawyer or take it up on a legal blog like http://www.groklaw.net For the policy aspects, you really should take it to the RIRs where you have IP allocations. All RIRs operate policy discussion mailing lists. One disturbing thing that I saw in your message is that you seem to be accepting the fact that a so-called anti-spam organization can dictate how you operate your network and what requirements you must meet. I would suggest that this is the wrong way to approach the problem, rather like letting the tail wag the dog. It would be better for you to join an organization like MAAWG http://www.maawg.org/home which is attempting to define best current practices for ISPs. I don't know whether or not they have dealt with this particular issue yet, but it sounds like something that falls under their umbrella. -Michael Dillon
Re: Questions about populating RIR with customer information.
on Wed, Aug 01, 2007 at 09:47:45AM -0400, Drew Weaver wrote: Up until recently, we were only providing the RIR database with information about our larger allocations /24 or larger. We have noticed however that many anti-spam organizations such as Spamhaus, and Fiveten will use the lack of information regarding an IP allocation as a blank check to blacklist entire /24s when they are really targeting a single /30 or a /29. It's not just Spamhaus. How do you expect *anyone* to know whether an abusive customer of yours has a /29 or a /18 unless you *tell us* in rwhois? We happily block large swaths of the network due to failure on the providers' parts to adequately describe the allocation. rDNS scans and guesswork are fine, but it's much better if we can count on the providers' actual assignments as published in rwhois and block the smaller allocations instead. Is there some way that we can 'proxy' the information so that it simply states that the /29 has been allocated to a customer but it doesn't provide their contact information? Why on earth would you want to do that? In a world where 90%+ of our inbound mail traffic is abuse, I think accountability trumps privacy. Anyone using those stupid cloaked whois listings is automatic fodder for the filters here. Your right to access my resources ends when you deny me the ability to identify you if I so choose, on evidence of ill intent. -- hesketh.com/inc. v: +1(919)834-2552 f: +1(919)834-2553 w: http://hesketh.com/ antispam news, solutions for sendmail, exim, postfix: http://enemieslist.com/
Re: Questions about populating RIR with customer information.
We always used to put full customer details in RIPE for AS6765 and AS5378. I never had any issues or queries from anybody, they were just told that this is how it is done. -- Leigh Porter Steven Champeon wrote: on Wed, Aug 01, 2007 at 09:47:45AM -0400, Drew Weaver wrote: Up until recently, we were only providing the RIR database with information about our larger allocations /24 or larger. We have noticed however that many anti-spam organizations such as Spamhaus, and Fiveten will use the lack of information regarding an IP allocation as a blank check to blacklist entire /24s when they are really targeting a single /30 or a /29. It's not just Spamhaus. How do you expect *anyone* to know whether an abusive customer of yours has a /29 or a /18 unless you *tell us* in rwhois? We happily block large swaths of the network due to failure on the providers' parts to adequately describe the allocation. rDNS scans and guesswork are fine, but it's much better if we can count on the providers' actual assignments as published in rwhois and block the smaller allocations instead. Is there some way that we can 'proxy' the information so that it simply states that the /29 has been allocated to a customer but it doesn't provide their contact information? Why on earth would you want to do that? In a world where 90%+ of our inbound mail traffic is abuse, I think accountability trumps privacy. Anyone using those stupid cloaked whois listings is automatic fodder for the filters here. Your right to access my resources ends when you deny me the ability to identify you if I so choose, on evidence of ill intent.
Re: Questions about populating RIR with customer information.
On Aug 1, 2007, at 6:47 AM, Drew Weaver wrote: Up until recently, we were only providing the RIR database with information about our larger allocations /24 or larger. We have noticed however that many anti-spam organizations such as Spamhaus, and Fiveten will use the lack of information regarding an IP allocation as a blank check to blacklist entire /24s when they are really targeting a single /30 or a /29. As such we are examining publishing information for all allocations in the RIR database (/30s, /29s, etc). Do you run an rwhois server with the allocation information already? If so, you'd have good reason to be aggrieved at blacklists not doing some amount of due diligence (though I think that's the first time I've heard spamhaus and fiveten - the two extremes of professionalism - bundled together). If not, then yes, if there's abusive traffic coming from hosts on your systems you're likely to find the smallest published allocation blocked (for reasons that are generally pretty good decisions operationally on the part of the people who don't want the bad traffic). My question, mostly is related to the privacy of the customer whom the space is being allocated to. Has anyone ever had an issue where they have published a user's information and the user had an issue with it? Is there some way that we can 'proxy' the information so that it simply states that the /29 has been allocated to a customer but it doesn't provide their contact information? If you get a reputation for providing spammers with anonymous SWIPs you're likely to have more problems with wider blocking, rather than less. Most of our customers are co-location and dedicated hosting customers and we are simply unsure whether or not there are implications (legal or otherwise) in publishing our customer data in a public RIR database. Does anyone have any thoughts on this? Sorry if this is the wrong place to ask. You'd need to ask your contract lawyers about most of that. Cheers, Steve
Re: 365 Main reason for outage report published
Sean Donelan wrote: The 365 Main San Francisco data center has published its report concerning the outage on July 24 after a utility problem. http://www.365main.com/status_update.html Other data centers using Hitec backup generators will want to review the 365's report and those with specific Hitec controllers may want to update them. www.infiltrated.net/hitecDDEC.jpg smime.p7s Description: S/MIME Cryptographic Signature
I35 bridge collapse in Minneapolis
Telephone call gapping by the major long distance carriers into the region seemed to be in effect for a while. I don't believe this is one of the five critical Mississippi River fiber crossing points, so Internet traffic appears mostly unaffected.
Re: Questions about populating RIR with customer information.
* Drew Weaver: Up until recently, we were only providing the RIR database with information about our larger allocations /24 or larger. We have noticed however that many anti-spam organizations such as Spamhaus, and Fiveten will use the lack of information regarding an IP allocation as a blank check to blacklist entire /24s when they are really targeting a single /30 or a /29. I don't know how this translates to actual blacklist entries, but for submitting complaints, blacklist operators ignore the smaller networks, whether they are in WHOIS or not. I would also expect that if you've got a significant spamming problem, some blacklists will try to entice *you* to do something about it proactively. Overblocking is often used for that purpose.
