Tagging of IP adresses / Application-Database
Hi, at RIPE-Meeting 33, the issue on the agenda of the lir-wg of "Tagging of IP adresses and ANTI SPAM" was rejected. Partly, because this has been implemented by Paul Vixi, http://maps.vix.com/dul Further, it was felt that these tags should not be an addition to the IP-Objects, because it has a much broader range of possible applications. So, the issue was handed over to the db-wg to think about a new application-registry. Such an application-object could look like:
location: [mandatory] [single] [primary/look-up key] app-type: [mandatory] [single] [primary key] app-subtype: [mandatory] [single] [primary key]
descr: [mandatory] [multiple] [ ] admin-c: [mandatory] [multiple] [inverse key] tech-c: [mandatory] [multiple] [inverse key] remarks: [optional] [multiple] [ ] notify: [optional] [multiple] [inverse key] mnt-by: [optional] [multiple] [inverse key] changed: [mandatory] [multiple] [ ] source: [mandatory] [single] [ ] <<< Location would be a range of IP-Addresses or maybe a hostname, app-type a value/keyword like "nameserver", "dialin", "mail" etc., app-subtype a more detailed code for the application, like root-nameserver, tld-nameserver, cc-nameserver, etc. Details to be discussed... Then descr, contacts etc, just the usual stuff. Technically, this shouldn't be too hard, but the main questions remain on the administrative side: - who would use this database, and for what purpose (Anti-SPAM, better route-flap-dampening ...) - who should insert/maintain the contents - how to determine if the contents are 'legal', e.g. come from the 'owner' of the mentioned ip-ranges/hosts - what to do if someone protests against some contents, or claims damages because of some contents Just to spark a bit of discussion... Best Regards, HaJo Gurt ------------------------------------------------------------------- Nacamar Network Administration NACAMAR Data Communications guardian@nacamar.net Robert-Bosch-Str. 32 D-63303 Dreieich +49 6103 993 0 Voice Germany +49 6103 993 222 FAX gurt@nacamar.de ------------------------------------------------------------------- Titanic 12 - Hiroshima 45 - Tschernobyl 86 - Windows 95 - Silvester 99
On 1999-05-26T21:46:48, Nacamar AS Guardian <guardian@nacamar.de> said:
- who would use this database, and for what purpose (Anti-SPAM, better route-flap-dampening ...)
We already keep this kind of data for our own inetnums, which we use for firewalling rules and other purposes. Better route-flap-dampening seems impossible. You can't just exclude all nameservers (for example) from the dampening, the lists would get too long, let alone the impact on the RR server when you do the lookups...
- who should insert/maintain the contents
Obviously, the only one able to maintain this data is the owner of the object.
- how to determine if the contents are 'legal', e.g. come from the 'owner' of the mentioned ip-ranges/hosts
MNT-BY should ensure that. Question is how RIPE can ensure that these new tags are indeed added at all.
- what to do if someone protests against some contents, or claims damages because of some contents
If the maintainer adds them himself, he can't protest against the contents ;-) But I wonder if the RIPE NCC members can indeed be asked to disclose all this data. I see a lot of people who might not want to do that. There is a reason why the data to evaluate a inetnum request is kept in strict confidence... Sincerely, Lars Marowsky-Brie -- Lars Marowsky-Brie Network Management teuto.net Netzdienste GmbH - DPN Verbund-Partner
I'm sorry for my inactivity on this subject, but let me just try to get this back to basics: The only thing I wanted was an attribute which said "SMTP connections from these IP numbers shouldn't happen" As it is today, we pretty indiscriminantly reject email from the dial-in ports of a large number of (mostly USAnian) ISPs to limit the amount of SPAM. All I wanted was to enable ISP's to cooperate on this tactic against "hit and run" spammers. -- Poul-Henning Kamp FreeBSD coreteam member phk@FreeBSD.ORG "Real hackers run -current on their laptop." FreeBSD -- It will take a long time before progress goes too far!
On Thu, 3 Jun 1999, Poul-Henning Kamp wrote:
I'm sorry for my inactivity on this subject, but let me just try to get this back to basics: The only thing I wanted was an attribute which said "SMTP connections from these IP numbers shouldn't happen"
As it is today, we pretty indiscriminantly reject email from the dial-in ports of a large number of (mostly USAnian) ISPs to limit the amount of SPAM.
ok, this was discussed at the last RIPE-Meeting, and it was expressed that such an 'overloading' of the current IP-Database with additional, basically unrelated informations was not wanted. After all, wishes for a lot of tags for other applications might possibly appear, blowing up the IP-Database... So it was decided to do it (if at all) as a separate database, that could server for any number of different needs. Therefore, the issue was handed over to the database-working-group.
All I wanted was to enable ISP's to cooperate on this tactic against "hit and run" spammers.
That raises the questions 'who will/should maintain the data and the database' and 'who will tell the ISPs to use + how to use it'
Poul-Henning Kamp FreeBSD coreteam member
Best Regards, HaJo Gurt ------------------------------------------------------------------- Nacamar Network Administration NACAMAR Data Communications guardian@nacamar.net Robert-Bosch-Str. 32 D-63303 Dreieich +49 6103 993 0 Voice Germany +49 6103 993 222 FAX gurt@nacamar.de ------------------------------------------------------------------- My name is Borg, James Borg. License to assimilate.
In message <Pine.BSF.3.96.990604111501.29256J-100000@gargoyle.nacamar.de>, Nacamar AS Guardian writes:
On Thu, 3 Jun 1999, Poul-Henning Kamp wrote:
I'm sorry for my inactivity on this subject, but let me just try to get this back to basics: The only thing I wanted was an attribute which said "SMTP connections from these IP numbers shouldn't happen"
As it is today, we pretty indiscriminantly reject email from the dial-in ports of a large number of (mostly USAnian) ISPs to limit the amount of SPAM.
ok, this was discussed at the last RIPE-Meeting, and it was expressed that such an 'overloading' of the current IP-Database with additional, basically unrelated informations was not wanted.
Rather than bloat the idea to that size, I thing I'd rather drop the proposal then. -- Poul-Henning Kamp FreeBSD coreteam member phk@FreeBSD.ORG "Real hackers run -current on their laptop." FreeBSD -- It will take a long time before progress goes too far!
On Fri, 4 Jun 1999, Poul-Henning Kamp wrote:
back to basics: The only thing I wanted was an attribute which said "SMTP connections from these IP numbers shouldn't happen"
'overloading' of the current IP-Database with additional, basically unrelated informations was not wanted.
Rather than bloat the idea to that size, I thing I'd rather drop the proposal then.
Ok, that would be the easiest way to get this issue done, sort of... On the other hand, the administrative overhead for the IP-Database with tags as extensions is likely to be at least the same as for a new, separate database.
Poul-Henning Kamp FreeBSD coreteam member
Best Regards, HaJo Gurt ------------------------------------------------------------------- Nacamar Network Administration NACAMAR Data Communications guardian@nacamar.net Robert-Bosch-Str. 32 D-63303 Dreieich +49 6103 993 0 Voice Germany +49 6103 993 222 FAX gurt@nacamar.de ------------------------------------------------------------------- COFFEE.SYS not found - Operator halted.
participants (3)
-
Lars Marowsky-Bree -
Nacamar AS Guardian -
Poul-Henning Kamp