On Thu, 30 Dec 2010 13:19:03 -0500
Rob McEwen <r...@invaluement.com> wrote:

> If blacklists like CBL are currently at 100 MBs (for IPv4)... the
> bloat for IPv6 could break DNSBLs. RSYNCing Gigabyte (or terabyte!)
> -sized files is memory and CPU intensive.

Well, not really... John Levine proposes a way to summarize swaths
of IPv6 address space into very little storage, so that shouldn't be
an issue.  While I'm not crazy about using DNS for this purpose,
John's basic ideas are correct.

The real problem is the human effort needed to monitor the enormous IPv6
address space for abuse.  I think it'll be hard or impossible to come
up with useful and comprehensive IPv6 blacklists.

Regards,

David.
