At 3:04 PM +0200 2005-09-12, Miroslaw Jaworski wrote:
I mention DNS as an technical mean to make data available. From the
blacklist's user point of view the "complexity" of getting blacklist's
data by wgetting file is same as listing zone and redirecting it to
a file.
In this case, I think it's better not to muddy the waters by
mentioning DNS at all. The blacklist concept is a potentially valid
one, but given that it would have to be implemented inside of some
sort of set of firewall rules, I think we have to assume some sort of
static input file.
Yes, there are a variety of methods you could use to pull down
that static input file, but I think it would be best not to even try
to discuss or even mention any of those, except to say that there are
a variety of methods possible.
I was thinking about the potential ntp abusers blacklist beeing more
like a separate project. Coming out of pool's observations and needs,
yes, but not beeing additional headache to Ask.
Who else will see the problems with ntp service like not ntp admins
first? Who else in whole ntp community will strive for solving macro
scale problems first like not nearly 400 server admins from within
a single project?
If you're looking for an NTP-related project that could take on a
task like this, then I think the only possible organization that
could qualify would be the NTP Public Services Project. We've got a
number of part-time volunteers on the project, we've got a very good
network location at ISC (and the ability to call on some of the best
network and DNS engineers in the business), and between us I think we
have all the necessary knowledge of how to run something like this.
But what we don't have is people, or time. IMO, we'd need at
least two or three salaried full-time people, whose sole job it is to
maintain the black list, to operate the help desk (you'd have to have
24x7 operations, even if it's just being on-call after hours),
etc.... On top of that, I think we'd probably need another large
group of volunteers, putting in enough work to be equivalent to
another three or four full-time employees, and all of that would be
sucked up by just the black list and related operations. In other
words, I think we would quickly become about the same size as MAPS or
SpamHaus, or some of the other large blacklist operations.
We just don't have that kind of money, nor do we have that kind
of personnel resources.
If you can help us find the funding to make that sort of thing
happen, I know the place to get the proposal started. But I'm not
even going to try unless someone can convince me that they can get at
least most of the funding necessary.
--
Brad Knowles, <[EMAIL PROTECTED]>
"Those who would give up essential Liberty, to purchase a little
temporary Safety, deserve neither Liberty nor Safety."
-- Benjamin Franklin (1706-1790), reply of the Pennsylvania
Assembly to the Governor, November 11, 1755
SAGE member since 1995. See <http://www.sage.org/> for more info.
_______________________________________________
timekeepers mailing list
[email protected]
https://fortytwo.ch/mailman/cgi-bin/listinfo/timekeepers
