North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Abuse procedures... Reality Checks
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -- "william(at)elan.net" <[email protected]> wrote: >On Sat, 7 Apr 2007, Fergie wrote: > >> I would have to respectfully disagree with you. When network >> operators do due diligence and SWIP their sub-allocations, they >> (the sub-allocations) should be authoritative in regards to things >> like RBLs. > >Yes. But the answer is that it also depends how many other cases like >this exist from same operator. If they have 16 suballocations in /24 >but say 5 of them are spewing, I'd block /24 (or larger) ISP block. Why? When you can block on more specific prefixes? This just doesn't make sense to me. >The exact % of bad blocks (i.e. when to start blocking ISP) depends >on your point of view and history with that ISP but most in fact do >held ISPs partially responsible. Indeed -- your point of view. Which I would argue is unfair and not "due diligence". - - ferg -----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.6.0 (Build 214) wj8DBQFGGBv8q1pz9mNUZTMRAuufAKC+/0DwFmrVA15UZaNib02GgR25MgCdFlu3 45XhfZTvgE+Oaiij4LoLNh0= =MO1u -----END PGP SIGNATURE----- -- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawg(at)netzero.net ferg's tech blog: http://fergdawg.blogspot.com/
|