Claus Marxmeier wrote: Hello,
When starting with www.netsecdb.de in 2008 i'd never expected the
You defny need to update your pages to explain what the netsecdb.de is for in the first place, looks like our own project under http://www.dnsbl.de, but I cannot find any explanation on your pages. Anyway ...
Many RIPE members started updating their whois records and abuse-mail contacts. Sometimes this results in an very effective workflow with only a few seconds response time over far distance whereas local providers still cannot be reached cause of invalid or missing contact records.
Unfortunately the RIPE team stated by mail, that they have no job-order to take care of the integrity of it's database records i.e. finding ancient content with missing or invalid information gives random results.
There seems to be no need for a RIPE member to keep it's records up-2-date ?
Here I really have to agree. I always voted, that the currently optional "abuse"-field in the whois records HAVE to be filled by the providers AND checked by RIPE. Providers are responsible for whats leaving their networks, but it looks like that the community has absolutely no interest to give the RIPE NCC the order to check those addresses on a regular base. I even mentioned that the RIPE community should develop mechanisms to punish members that do not react to abuse reports delivered to their abuse addresses, and thats defny work for this group to define these mechanisms. One simply mechanism could look like this: - RIPE defines an emailadress scheme for every IP address like ip1.ip2.ip3.ip4@abuse.ripe.net - this scheme is mentioned in every whois output - so, there will be no need for blacklist, other providers or even privat persons to do a whois lookup anymore - any report should be delivered to these addresses and RIPE NCC forwards incoming reports to the abuse address of the members (these could be even non-public) - any provider has to react in a whatever time by replying to the mail including a tracking number generated by RIPE NCC, to the complainant and the RIPE system, mark the reports as spam, false report, beeing worked one, customer blocked aso ... - provider without a valid abuse contact get warned, and in the worst case, will loose their IP allocation complained about - provider that have a valid address, but do not react will loose their IP allocation, if the spam level raised a defined limit according to the size of the providers allocation - RIPE NCC will calculate a value for every provider depending on the amount of IP addresses and incoming spam reports for a couple of months. RIPE then urges the provider to reduce this value on a monthly base. The provider will also loose his alloctions, if the value is not reduced or even rising. Surely a little value of spam reports is allowed for every provider depending on the size of his allocation. Surely their will be lots of details to check, but only this will force any member to actually DO something against spam leaving their networks, to block dialin customers with spambotted PCs, open relays of hacked servers. Kind regards, Frank
I wonder how long hosters are willing to pay the traffic, energy and CPU-time for something nobody needs to have. I wonder how long i takes for the DialUp- and Business Customers to learn, that security is a crucial part of internet activities and that their ISP's deliver very diffent qualities behind their mostly coloured flash-animated websites.
Looking forward to see the current unsolved problems beeing transported to public clouds in datacenter and poisoned high bandwith customer connections if everything remains 'same procedure as every year' ...
Kind regards,
Claus Marxmeier
- --- Claus Marxmeier EDV-Service Johann-Kierspel-Straße 5 51491 Overath Germany
-- PHADE Software - PowerWeb http://www.powerweb.de Inh. Dipl.-Inform. Frank Gadegast mailto:frank@powerweb.de Schinkelstrasse 17 fon: +49 33200 52920 14558 Nuthetal OT Rehbruecke, Germany fax: +49 33200 52921 ====================================================================== Public PGP Key available for frank@powerweb.de