If you check the weekly CIDR-Report than you will find certain prefixes in bogus adv head for many many months. NO RIR cares about it.

we've been attacked/spammed/phished by such bogus prefix adv in past.

Regards,

Aftab A. Siddiqui

On Thu, Jul 28, 2011 at 3:33 PM, Frank Gadegast <ripe-anti-spam-wg@powerweb.de> wrote:

Michele Neylon :: Blacknight wrote:

On 28 Jul 2011, at 09:48, Frank Gadegast wrote:

Not at all out of scope.

I think it is out of scope

It is a slippery slope

Next you'll have people demanding that RIPE check what content is published on IP blocks ..

Good idea.

Other organisations are monitoring content too to prevent abuse, like
search engines that do not even want results from hacked sites
in their index.

RIPE is defny responsible for any abuse, whatever it is.

Lets have an example:
A highjacker is using some netblocks to attack a big bank.
They are flodded from this IP block and the attacker also
sets up a lot of pishing servers using these IPs.

Will RIPE ask the LIR about whats going on with his assignment ?
Will RIPE deroute this netblock at all ?
Just after the bank complaints ?
After somebody complains to RIPE that there are pishing servers on this netblock ?

What will happen ?

Cant be, that RIPE is doing nothing (to my opinion).
And it would be very interesting what RIPE would do right now
in this scenario.
Who knows more ?

Kind regards, Frank

You are right saying, that a listing does not proof anything,
but its a good indication (like I sayd above).

Not necessarily.

There are a multitude of reasons why an IP block can get listed - while it *might* be an indicator that you or I can use for our own *private* networks, it is not something that an organization like RIPE should be doing, as there is absolutely no standard or certification of DNS blacklists.

RIPE NCC could ask the member, whats going on with that netblock,
if they see a listing. I guess a lot of members do not
even realize, that their old netblocks are routed
somewhere else.

RIPE NCC has to check the use of assigned netblocks anyway
(if I understand some rules right).

No - the "usage" is related to the assignment rules

It cannot be that
assigned netblocks are used by non-members or members
the netblock wasnt assigned to …

Sorry, but I don't understand what you mean here

regards

Michele

Mr Michele Neylon
Blacknight Solutions
Hosting& Colocation, Brand Protection
ICANN Accredited Registrar
http://www.blacknight.com/
http://blog.blacknight.com/
http://blacknight.mobi/
http://mneylon.tel
Intl. +353 (0) 59 9183072
US: 213-233-1612
UK: 0844 484 9361
Locall: 1850 929 929
Direct Dial: +353 (0)59 9183090
Twitter: http://twitter.com/mneylon
-------------------------------
Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty
Road,Graiguecullen,Carlow,Ireland Company No.: 370845

--

Mit freundlichen Gruessen,
--
PHADE Software - PowerWeb http://www.powerweb.de
Inh. Dipl.-Inform. Frank Gadegast mailto:frank@powerweb.de
Schinkelstrasse 17 fon: +49 33200 52920
14558 Nuthetal OT Rehbruecke, Germany fax: +49 33200 52921
======================================================================
Public PGP Key available for frank@powerweb.de