* Brad Knowles ([EMAIL PROTECTED]) [050912 12:42] wrote: >>> I don't think using DNS is the best idea here, I would suggest something >>> more simple. >> >> Just to be noted: DNS is simple. Most of the blacklists use it. > I understand the DNS.
I know you're strong with DNS ;) I responded to Simon. >> I meant to use DNS as technical mean to share the data. It can be textfile >> to be wget'ted or mysql with bunch of scripts - it doesn't matter. >> You sticked to the word 'DNS' instead review the idea. > You definitely do not want a firewall dependant on the DNS. A > flat text file would be a much better solution. I never said anything about using firewall working in real-time manner with dns blacklist. I would shot myself before proposing such a thing. Just to note: i deal with large networking operations in my everyday life. Including network of various DNS servers ( including one of country's authoritative ). I mention DNS as an technical mean to make data available. From the blacklist's user point of view the "complexity" of getting blacklist's data by wgetting file is same as listing zone and redirecting it to a file. >> Such list would decrease the burden of current self-protection each >> of ntp pool admins spend and distribute the load of abuse detection >> among all of those who decide to be list feeders. > True, but it would greatly increase the load on the people at the > core of the system, and I seriously doubt that Ask has the additional > resources and personal time required to make something like this > successful. > I think that this is a case where distributing that workload > across the various server operators is a much better solution, at > least as far as pool.ntp.org is concerned and the amount of resources > that Ask has available to operate it. I was thinking about the potential ntp abusers blacklist beeing more like a separate project. Coming out of pool's observations and needs, yes, but not beeing additional headache to Ask. Who else will see the problems with ntp service like not ntp admins first? Who else in whole ntp community will strive for solving macro scale problems first like not nearly 400 server admins from within a single project? MJ -- [EMAIL PROTECTED] ( Psyborg ) MJ102-RIPE GTS Polska sp. z o.o. Servers Administration Department Manager "I'm desperately trying to figure out why kamikaze pilots wore helmets." _______________________________________________ timekeepers mailing list [email protected] https://fortytwo.ch/mailman/cgi-bin/listinfo/timekeepers
