> "Document everything one AS originates in a single database" is the
> primary motivation here (so upstreams/peers can go to a single source
> to build filters, and that single source must not be RADB).
and why not?
randy
>>> I know my employer uses the rr.ntt.net instance on a daily basis.
>> yes, i built that and heas has done cool stuff. does your employer
>> register in ARIN or APNIC irr? < light goes on?>
> We encourage anyone to register their routes in the appropiate IRR,
> especially when that IRR offers
> STEP 1
>
> Any ROUTE object submitted for creation in the RIPE Database involving
> an out of region resource (address space and/or ASN) where that out of
> region resource does not exist in the authoritative RIR database (has
> not been allocated or assigned), reject the creation.
>
> The
> I believe most prefixes are registered in NTTCOM
so you too voted with yout feet
>> unfortunately, the answer for many operators is NO. they voted with
>> their feet. you can say what they SHOULD do. my family has a lot of
>> jokes about how the world should be.
> I don't know why you say
>> Sorry Elvis but you are neither a software engineer nor a regular
>> user inputting data into the RIPE Database. So your unsubstantiated
>> statement of 'poor' does not carry much weight.
> I was not making any decision just expressing an opinion just as Elvis
> expressed his opinion on my
> the whole point of book keeping is to have accurate data and records
>
> so, pick your poison. All POV leads to exactly the same thing: the ncc
> needs accurate abuse-c as much as any of the other data.
and it needs an accurate record of my blood type.
< rant >
this is insane. neither ripe nor the ncc should be the net police,
courts, and prison rolled into one kangaroo court.
it is droll that the erstwhile anti-abuse working group becomes a
self-righteous abuser. so it is with so many abused children.
put your energy into routing security
> Abuse mailboxes are already checked. What matters for abuse
> management is whether reports are acted on. This policy doesn't
> address that.
>
> If the RIPE NCC is instructed to send 6-monthly reminders to all abuse
> contacts with the implicit threat that if they aren't acted on in the
>
> So, either RIPE LIRs adopt Jordi's work flow for abuse complaint
> management, or the RIPE NCC will take away their internet addresses?
as the american government is demonstrating, and others' including
jordi's have demonstrated in the past, there is no proof of termination
of a growing police
plonk
> It wouldn't half surprise me if people like this "randy bush" are
> motivated by criminal groups.
ROFL
i have been allied with satan for years and am damned proud of it.
> so you are taking it upon yourself to attach your own opinion by
> commenting on how you interpret the point(s) Randy is making?
>
> how rude and presumptuous of yourself.
QED? i wish folk would not resort to ad homina
> it seems many people (including myself) are rude, obnoxious, not
>
> They had a fiduciary duty not to hand out whole /14s of v4 space to
> snowshoe spammers set up as eastern european LIRs not too long back
as i intended by my reference to martin niemöller, i suspect that's who
the net police/vigilantes will come for next. and then ... and then
... it is
> The four week discussion phase for 2019-03 officially ended just over
> a week ago. Since then, while there has been further welcome
> discussion on list, the WG Co-Chairs have been discussing the next
> steps with the proposers and the NCC Policy Officer. We have reached
> the following
>> Mr. Chairman, I ask you to summarily eject the member in question
> So, if you do not get your way, me being ejected, then you are
> threatening the Chair?
ok children. this is a waste of other people's bandwidth. if you want
to carry on in private, go for it. but stop pissing in the
suspect your question was clear
enough that even i understood it.
randy
---
From: Randy Bush
Subject: Re: [anti-abuse-wg] [Misc] Research project on blacklists
To: Anushah Hossain
Date: Wed, 17 Jul 2019 08:02:31 -0700
i loathe surveys
i use
dialups.mail-abuse.org
dnsbl.sorbs.net
erik,
> Personally, I'm not in favour of this policy as I don't like the NCC
> to start to injecting ROA's that are not allocated or assigned to
> members or end-users.
>
> I think it sets the wrong precedence for the community and it could
> open up for scope creep to abuse the system for other
> To an extreme, there should always be a known contact responsible for
> any network infrastructure.
there are, admin and tech
randy, not advocating for or against abuse-c
> It would be interesting if a large number of people who actually work
> for the security / infosec / abuse teams of various ripe members were
> to attend the aawg meetings instead of a clutch of mostly IP / dns /
> network people.
did. a couple of interesting presos, but the plural of anecdote
> I do not see so far any concrete proposal in the sense of addressing
> issues, only shooting down proposals (for good or bad reasons
the desire to stop a whack-a-mole does not imply a responsibility to
make moles.
a lot of folk here actually deal with spam, or likely they would not be
on this
well, not exactly as i see it. abuse-c: is the op's way of saying
"please send any abuse related information here." it is not a legal or
social contract to act on it (and i suspect that next year the wannabe
net police will want to enumerate exactly *how* they must act in 93
different
> Database and routing people who haven’t worked security or don’t want
> security roles trying to lecture people who work cert and abuse roles
> on why something abuse mitigation related won’t work is always
> interesting. Not you Randy but many other posters in this thread.
lecturing such bs at
> It’d be interesting to take individual names of the people most vocal
> in their objections and feed them through LinkedIn - that assumption
> you made about dealing with spam would soon be tested.
give me a hand here. how is this construcive and helpful for the
internet operations community?
> The unpredictability of the NCC's actions don't make the members happy.
s/the members/you/ at least in this case. and maybe a few others. i,
for one, am not unhappy, except that you speak for me.
randy
> I am not a member. However, the increase in such incidents and the
> risk of regulators or lawsuits occurring mean that RIPE NCC does need
> to perform more due diligence than would be consistent with a “we are
> not the internet police” position.
if this is an accusation that they are not,
> as Alexander Azimov pointed out: people can just announce a *less*
> specific, which will be "Not Found" even if an AS0 ROA exists for more
> specific. And because there is no competing (valid/not found)
> announcement they will attract the traffic.
this was brought up in the sidr wg when as0
> It would be nice if RIPE NCC could provide as part of its annual
> report a list of incidents of this nature so we have an idea of how
> wide-spread this is - or not.
as i try not to indulge in schadenfreude, i don't have much use for this
information.
we spent some time in this space in
> RPKI in its current form provides an insulation layer which stops
> certain types of misorigination problems and mitigates others, but has
> almost no impact on the wider question of policy routing.
>
> RPKI also works quite well from the point of view of incremental
> deployment, i.e. it's not
> One of the requests was from a Dutch law-enforcement authority
> ordering the RIPE NCC to provide non-public information it holds about
> organisations responsible for Internet number resources. The RIPE NCC
> complied with this request.
is it safe to assume this was a proper court order
brian,
excuse my continuing to rant. if i write a long message, it can not be
good :) as with spam, you have a delete key.
i think we all dislike spam and other forms of network abuse. but this
is the only working group whose goal is negative, to stop something.
even the wg's name is composed
hi sabri,
>> would those helpful folk kindly giving us legal opinions please tell
>> us your legal credentials?
fwiw, i did not mean to impugn anyone. the engineering advice on these
lists has some variance, though less variance on some lists than others.
and the lawyers i hear in real life,
would those helpful folk kindly giving us legal opinions please tell us
your legal credentials? it would help us better calibrate your legal
assertions. thanks.
randy
> Otherwise we change the way the working Groups works it will remain
> unchanged for ever. I agree that we must get a way to vote or another
> democratic way to get decisions.
the goals of the ripe community are stewardship and cooperation, not
voting, deciding, and "getting things done." you
> If this is about "do you want a mail address or a web form for
> reporting abuse?", no, routing and networking people do not really
> care much.
depends. will the bikeshed be magenta?
randy
> Suresh keeps attacking me without a single slightest proof, and hence
> I must respond.
a tale Told by an idiot, full of sound and fury, Signifying nothing.
-- bill
> sorry, we have no policy to kick off dirty spammer from elections. I
> think it is time to do that. Let's do.
i doubt this is necessary
randy
> It's ok for consensus to be that a policy proposal be rejected
> entirely.
but how many times?
randy
> If I didn't know that you expected me to offer support for this
> proposal, neither did anyone else.
i, for one, did. it's standard procedure under the pdp.
and assuming no one else understands what you do not understand is an
interesting mis-understanding.
randy
> I disagree that it did not reach consensus. There was never any proper
> measure of whether it reached consensus.
i will admit to being lazy/busy and have not looked at pdp to confirm.
but ...
i believe that the way we measure consensus is by looking at the faces
of the co-chairs. that's why
> Which then allows you to mistakenly claim there is or isn't consensus.
> Which itself is prone to abuse.
you may want to take a look at
7282 On Consensus and Humming in the IETF. P. Resnick. June 2014.
but we have been here before
--
Ettore Bugatti, maker of the finest cars of his day,
> In this article Vasileios Giotsas summarises the results of a detailed
> study of how transferred IPv4 prefixes are misused in the wild by
> synthesising an array of longitudinal IP blacklists, honeypot data, and
> AS reputation lists:
>
>
dear info:
> When you run a VPN service it simply lies in the nature of things that
> some miscreants buy accounts which lead to various types of
> complaints.
> Our principle is not to serve the bad, but the good!
reasonable. probably not easy to tell the good from the bad.
> Our removal
> Getting back to your street example. We -just like the police- are
> unable to watch the streets 24/7/365 for a potential bank robber
> traversing the street
or more like the police here in the states seem unable to police
themselves internally for fascist racist murderers.
> Amongst the greatest mysteries of the shady underbelly of the
> internet: how to pronounce "Guilmette"
speaking of anti-abuse; back in the '80s we agreed that making fun of
others' typos, misspellings, personal names, etc. was impolite.
randy
interesting wg to do routing security analysis.
as i do really not know the dod's or their proxy's motive(s), i can not
say much about their tactics let alone strategy.
i do know, and have actually seen and experienced, part of 11/8 being
used as if it was 1918 space; ripe bologna was the first
[ brian lured me into the abuse circle; so reposting with routing ]
interesting wg to do routing security analysis.
as i do really not know the dod's or their proxy's motive(s), i can not
say much about their tactics let alone strategy.
i do know, and have actually seen and experienced, part of
i think two things are being confused here; what the measurement folk
find useful and what the anti-spam folk find useful. the ncc and ripe
stat is not supplying the latter.
it is the mail operators' choice of which anti-spam techniques to use,
and i do that with one hat. but with a different
> UCEProtect was added as a data source prior to 2010 and is still used by
> several network operators to filter traffic into their networks.
> Including it as a data source in RIPEstat allows users to see whether
> resources are included in their lists.
uceful :)
randy
i am just a measurement guy who wandered over here because who doesn't
like the smell of blood in the water.
as this discission is about what ripe stat has been doing measurement
stats on since dirt was invented, perhaps the mat wg should have been
where this discussion occurred. at least it
> Given that, if RIPE NCC and its community doesn't trust UCEProtect
my impression is that this wg does not really like or trust anything.
it's all about not liking and rage at the machine.
imiho, it is very useful that ripe stat has longitudinal measurement
data on a few anti-spam technologies.
> It seems to me that if your abuse@ email is being overloaded and you are
> unable to keep your network spam free, then you shouldn't be taking on any
> more customers until you figure things out.
great. should be no problem telling the people in management who wear
shiny shoes that being
there is a fair bit of spectrum between the internet of cooperating
competitors running their networks as prudently as they can afford
and an internet desired by some where everything is done uniformly
by rigid written rules.
what i find interesting is that a number of the folk here who
loudly
> There seems to be at least one rule common to everyone: if you want to
> run a network with an independent routing policy you'll need to use
> BGP.
:)
> Unfortunately it seems dealing with abuse emerging from the networks
> one runs is not a common, basic, rule for everyone.
>
> Also, network
> It's not like these norms do not exist today - abuse contacts have to
> be provided already today. Responsible ISPs read these mailboxes and
> act upon them.
>
> Forcing everybody through a "you must click here to validate your
> abuse contact, otherwise bad things will happen to your
> Plain text ?
doh
--
To unsubscribe from this mailing list, get a password reminder, or change your
subscription options, please visit:
https://lists.ripe.net/mailman/listinfo/anti-abuse-wg
> DNSSEC everywhere would make more sense than HTTPS everywhere, which
> instead won the hype. Being sure to connect to the IP designated by
> the domain is essential, while encrypting every page of sites like,
> say, wikipedia is just wasting cycles.
tls gives a bit of authenticity too. modulo
>>> Why isn't it possible to gain a delegation by proving number
>>> assignment?
>> Because your ISP can't be bothered.
> Is such unbotherability legitimate?
these years, it is one of the things when considering a provider from
which one gets address space.
part of the problem is that this used
> In a recent talk Jane Easterly said: "The private sector has promised
> better security for yeas but has not delivered. This has to change".
was this not in the context of software and platform safety? easterly
has been riding that hobby horse for a few years, and with serious
justification.
58 matches
Mail list logo
