|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical RE: Schneier: ISPs should bear security burden
Unfortunately, a lot of static "business" DSL IP space is still on those lists and legitimate mail servers can get blocked. I usually use the DUL as a "white list" to negate hits on the traditional dnsbls since those are almost always stale. - Mark -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Dave Rand Sent: Friday, April 29, 2005 4:07 AM To: Steve Sobol; Mark Newton Cc: Owen DeLong; Bill Stewart; North American Networking and Offtopic Gripes List Subject: Re: Schneier: ISPs should bear security burden [In the message entitled "Re: Schneier: ISPs should bear security burden" on Apr 28, 10:20, "Steve Sobol" writes:] > There are some basic rules of thumb you can use. The problem is that > they're not guaranteed to work. The best solution was created years > ago (Gordon Fecyk's DUL, which lists IP ranges the ISPs specifically > register as dynamic/not supposed to host servers) and eventually came > under the purview of Kelkea/MAPS, but there wasn't a ton of ISP > buy-in. If we could create a similar list and actually get ISPs to > register the appropriate netblocks (and not mix in IPs where servers > are allowed, and IPs where they aren't, in the same block), that'd be great. Dunno what a ton of ISP buy-in is, but the MAPS DUL now contains about 190,000,000 entries. We've been working on it very hard for the last year or two. Most ISP-level subscribers figure it stops a pretty large percentage of the compromised-home-computer spam. --
|