North American Network Operators Group


Re: Schneier: ISPs should bear security burden

  • From: Joe Maimon
  • Date: Mon May 02 13:20:03 2005


Steven Champeon wrote:
on Sun, May 01, 2005 at 10:40:21PM -0400, Joe Maimon wrote:

What does the rest of the internet gain when all IPs have boilerplate reverse DNS set up for them, especially with all these wildly differing and wacky naming "conventions"?

I don't care what the rest of the Internet gains, but I can say that
knowing something about these "wildly differing and wacky naming
conventions" has cut my spam load down by 98% or more. By knowing who
names their networks what, even wild-assed guesses at times have kept
the DDoS that is spam botnets from destroying the utility of email here.

That's not quite what I was asking. Would you not have preferred being able to do all the above simply by being able to assume that all these "dialup" systems would not have any rDNS?

The question restated is: what is the benefit in advocating "dialup names" as opposed to simply recommending that dialup ranges get NO rDNS?

For spam/abuse prevention it surely is less useful. It's much easier to block IPs with no rDNS than to maintain a list of patterns of rDNS that should be blocked.

I understand that RFCs recommend/require it. I want to know about specific benefits to the internet at large (not to the user who now has rDNS).

Given a choice between ISPs using unpredictable naming patterns or no name for dialup ranges, what would your preference be?

Isn't it a much simpler world where simply having rDNS lends the assumption of a supported "static" system as opposed to none?

Bwahahaha. You mean "supported static systems" like:

not-a-legal-address [140.113.12.106]
66.domain.tld [216.109.16.66]
customer-reverse-entry.209.213.197.128 [209.213.197.128]
suspended.for.aup.violation [216.41.37.5]
unassigned [66.240.153.10]
unassigned-64.23.24.128 [64.23.24.128]
alameda.net.has.not.owned.this.ip.for.more.then.four.years [209.0.51.16]
nolonger.a.customer.cancelled.for.AUPviolation [209.208.31.84]

...just to pick a few? I believe Suresh has already supplied the answer
to the question of rDNS having anything to do with staticity.

Exactly the problem.
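
An added example, not part of the original message or thread: a small Python classifier that runs the PTR names quoted above through both approaches discussed, the "rDNS present implies a supported static host" rule and a pattern list. The placeholder word list, the function names and the three constructed samples (documentation address ranges) are assumptions made for illustration.

```python
import ipaddress
import re

# Assumption: placeholder words come only from the PTR names quoted in the
# message; this is an illustrative list, not any real filter's rule set.
PLACEHOLDER = re.compile(
    r"unassigned|suspended|not-a-legal-address|nolonger"
    r"|customer-reverse-entry|has\.not\.owned|domain\.tld", re.I)

# Addresses and PTR names exactly as quoted in the message.
PAGE_SAMPLES = [
    ("140.113.12.106", "not-a-legal-address"),
    ("216.109.16.66", "66.domain.tld"),
    ("209.213.197.128", "customer-reverse-entry.209.213.197.128"),
    ("216.41.37.5", "suspended.for.aup.violation"),
    ("66.240.153.10", "unassigned"),
    ("64.23.24.128", "unassigned-64.23.24.128"),
    ("209.0.51.16", "alameda.net.has.not.owned.this.ip.for.more.then.four.years"),
    ("209.208.31.84", "nolonger.a.customer.cancelled.for.AUPviolation"),
]
# Constructed samples: no PTR, an IP-derived name, and a service-style name.
CONSTRUCTED = [
    ("192.0.2.10", None),
    ("198.51.100.77", "77-100-51-198.dyn.example.net"),
    ("192.0.2.25", "mail.example.org"),
]

def embeds_ip(ptr, ip):
    """True if the PTR name carries all four octets, forward or reversed."""
    octets = str(ipaddress.IPv4Address(ip)).split(".")
    nums = [str(int(n)) for n in re.findall(r"\d+", ptr)]
    windows = [nums[i:i + 4] for i in range(len(nums) - 3)]
    return octets in windows or octets[::-1] in windows

def classify(ip, ptr):
    """Label one (address, PTR) pair; ptr is None when no rDNS exists."""
    if not ptr:
        return "no-rdns"
    if PLACEHOLDER.search(ptr):
        return "placeholder"
    return "generic" if embeds_ip(ptr, ip) else "named"

def presence_rule_accepts(ptr):
    """The 'any rDNS implies a supported static host' assumption."""
    return bool(ptr)

if __name__ == "__main__":
    for ip, ptr in PAGE_SAMPLES + CONSTRUCTED:
        print(ip, ptr, classify(ip, ptr), presence_rule_accepts(ptr))
```
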