North American Network Operators Group

Re: network reputation [was: IP is...]

  • From: Paul Ferguson
  • Date: Thu Jan 24 00:42:30 2008

-- Gadi Evron <[email protected]> wrote:

>Security is a strong supporter of privacy as much as it is misused
>as an excuse for infringing upon it.
>

Very well stated. I agree completely.

>Considering possibilities, other than avoiding spoofing, what would
>network reputation which is reliable help us do operationally?
>

Having now worked on both IP source-spoofing issues [0] (e.g. RFC2827)
and more recently dealing with IP (and domain) reputation issues (Trend
Micro acquired the original MAPS spam RBL reputation service [1]), I
think I have a couple of thoughts on this that have relevance.

The one thing that merits attention with the MAPS/Trend RBL+ is
that we allow ISPs to literally "whitelist" dynamic address space,
which most people know as the DUL list [2].

The only real "ownership" issues that we pay attention to [3] are
the owners of the IP address space which source (via AS) the prefix,
and still allow ISPs to work within that framework (via the DUL, and
legitimate dynamic allocations).

Having said all that, it is my personal opinion that there is merit
in the notion that IP addresses can, and do, provide personally
identifiable information -- but I suppose the jury is really
"out" on that, per se, in the United States.

And whether or not that is "bad" reflects a larger, more political
question that we probably can't resolve on the mailing list.

$.02,

- ferg

ref:
[0] http://www.ietf.org/rfc/rfc2827.txt
[1] http://www.mail-abuse.com/enduserinfo_rbl.html
[2] http://www.mail-abuse.com/enduserinfo_dul.html
[3] https://nssg.trendmicro.com/nrs/reports/rank.php?page=1

--
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 fergdawg(at)netzero.net
 ferg's tech blog: http://fergdawg.blogspot.com/