RIPE50 - NCC Services WG Draft Minutes
Dear All, Please see draft minutes from the NCC Services Working Group at RIPE 50. Please send any questions, comments or clarifications to Kurtis, myself or this mailing list. regards, Bijal ---- RIPE NCC Services Working Group Agenda Date: Thursday, 5 May 2005 Time: 16:00 - 17:00 Room: Plenary Room A. Administrative Matters * Welcome * Select a Scribe * Distribute Participants List * Finalise Agenda * Approve Minutes: http://www.ripe.net/ripe/wg/ncc-services/r49- minutes.html B. Report from the RIPE NCC - Axel Pawlik http://www.ripe.net/ripe/meetings/ripe-50/presentations/ripe50-serv- ncc-new.pdf Axel noted that the reporting on the RIPE NCC would not be repeated in the General Meeting, scheduled to take place at 17:00. Registration Services Training Engineering New Projects Coordination Communications Membership Relations External Relations There were no questions. C. New LIR Survey - Results and Feedback - Paul Rendek (RIPE NCC) http://www.ripe.net/ripe/meetings/ripe-50/presentations/ripe50- services-new-lir.pdf There were no questions. D. A New Version of the Hostcount http://www.ripe.net/ripe/meetings/ripe-50/presentations/ripe50-serv- hostcount.pdf RIPE NCC Timur requests feedback on the value of this service. Questions: Kurtis asks how many are using this whois data? Counts...yes, a few people using this data. Anyone has any comments about proposed changes? +/- 49 mins... Lars-Johan Liman (Netnod): Are you going to use this host query all over? Timur: Yes. Lars-Johan Liman - Netnod: Because I noticed some problems with some transfers. So it should be configured to provide one answer instead of many answers.... so this is about the zone transfer format. Timur: Thank you for this. We are going to review all the projects and maybe will modify the hostcount programme itself and maybe we should do a DNS as a backend which may be better. Peter: I want to respond on the remark made by the previous gentleman The host programme is showing its age and the sad fact is that the author has passed away a couple of years ago and the program itself has been orphaned. There are some problems in dealing with the new style referrals. It would be useful to have that located at a well- known place, one of which could be the RIPE NCC. And I would be willing to contribute. As before I didn't do the coding, but it would be useful to develop that not only for the host count, but for DNS debugging as well. Timur: Well, we promised to provide a DIY kit. We will come with a replacement on modified version of software. And your input would be much appreciated. Souissi Mohsen - AFNIC: I browsed through the site and randomly did some cctld's to find out about things. I was pleasantly surprised that there are detail on every cctld. But i am quite worried about the relevance of these figures. For example the zone count. if these figures are to be used somewhere maybe there is a column missing - the estimate of error. is there mathematical way to estimate that. And do a disclaimer for people using these figures? Timur: Well, there is a disclaimer there, Souissi Mohsen - AFNIC: Because the figures are, in some parts, very far from the reality Timur: We understand that, so that's why we are not claiming that it's something really precise. Souissi Mohsen - AFNIC: Thank you anyway. Rob Blokzijl: BTW the first hostcount counted 7200 hosts. But that was never published. Comment: I was one of the few who raised their hand when you asked whether people were using it or whether it is useful. I think its extremely useful because it is one of the few long term efforts to measure something of the internet in a consistent way. It is more of a trans measurement than absolutely numbers. I would like to see some sort of continuation of this and I think its important that potential users understand what it is . What it is that you measure, what the conditions are and yes, its difficult to give error estimates, but people should use it as one of the few reliable trend figures. You can see trends in many publications, but most are based on nothing and if you take any given moment in time, you have a rich choice of various trends, like the internet is not growing anymore or the internet is exploding but at least this measures something that is definied and is not a hostcount as the name suggests, but you are measuring someting in a consistent way for many years, so you can draw some conclustions and I think that is the value. Person from Vienna: I wholly support this project and I am very pleased to see that there is further work being done on this. i would just like to ask if, for the reverse dns counts may lirs volunteer to reform the divulged counts in the same way that some of us volunteerd to perfom forward counts for the country codes? Timnur: That's perfect. We would like to see a participation. Thanks a lot. Bruce Campbell: with what you said about the accuracy - if you see the graph on the screen there is a section that says zones blocked etc. that is the closest that you will get to seeing this is how inaccurate the figures are, because for every zone where we got a block, we have a completely unknown number of hosts that we couldn't count, which is why we started collecting the reverse count because its much easier to ennumerate through the reverse zones and not necessarily forward. the downside is that people generally don't populate the reverse zones. so if you have reverse zones, its putting them in dns is good. its yet another trend. its purely a trend thing with no relation to realiity. Timur: Thank you Peter Kock - denic (one of the starting points into hostzone and long time support and i appreciate the effort and would like to see it continue). I appreciate your new considerations of acceptable use and really, there is no acceptable use. the raw data is no longer shipped, which is probably one of the pre-conditions for the cctld registries to continue support for this project. This is really important and we should talk about that. Timur: Thank you. Out of time, so no open microphone. Y. Open Microphone Z. AOB
D. A New Version of the Hostcount http://www.ripe.net/ripe/meetings/ripe-50/presentations/ripe50-serv- hostcount.pdf RIPE NCC
Timur requests feedback on the value of this service.
Questions: Kurtis asks how many are using this whois data? Counts...yes, a few people using this data. Anyone has any comments about proposed changes?
As someone who was not at RIPE50 but who uses hostcount, I would like to add my comments and support. I find this service extremely useful. One real world use is as follows: the university network in Israel has IP addresses spanning a range of about 16 /16s. All domain names inside the universities should terminate with ac.il or at the worst org.il. But often students take a university Unix system that they have access to and start using it for non-academic purposes (left as an exercise for the reader to think of what constitutes non-academic :-)). Using grep on the raw data file I can easily spot those systems that are running questionable content based on their domain name (co.il for example). Sometimes, hackers change an IP address to some name that has certain character strings that are unique to the hacker realm. By running a series of greps on the raw data file I can find those systems that may have been compromised and contact the appropriate ISP in Israel. So please - make hostcount work again. Incidentally, it stopped working in Jan 2005. Regards, Hank
Dear Hank, Hank Nussbacher wrote:
D. A New Version of the Hostcount http://www.ripe.net/ripe/meetings/ripe-50/presentations/ripe50-serv- hostcount.pdf RIPE NCC
Timur requests feedback on the value of this service.
Questions: Kurtis asks how many are using this whois data? Counts...yes, a few people using this data. Anyone has any comments about proposed changes?
As someone who was not at RIPE50 but who uses hostcount, I would like to add my comments and support. I find this service extremely useful. One real world use is as follows: the university network in Israel has IP addresses spanning a range of about 16 /16s. All domain names inside the universities should terminate with ac.il or at the worst org.il. But often students take a university Unix system that they have access to and start using it for non-academic purposes (left as an exercise for the reader to think of what constitutes non-academic :-)). Using grep on the raw data file I can easily spot those systems that are running questionable content based on their domain name (co.il for example).
Sometimes, hackers change an IP address to some name that has certain character strings that are unique to the hacker realm. By running a series of greps on the raw data file I can find those systems that may have been compromised and contact the appropriate ISP in Israel.
So please - make hostcount work again. Incidentally, it stopped working in Jan 2005.
We are currently working on the problem you recently reported. My apologies that it takes longer than we expected. It is limited to publishing the raw data and the rest of the hostcount is functioning well. However, it seems that for you (and maybe some other people) the core value of the Hostcount is in the raw data, not so much in the statistics and a measurement of the "size of the Internet". This is different from the objectives of the projects as was presented at RIPE 50. In our view, while there are cases where raw data may be useful, the real value of the Hostcount for the community is in the statistics and trends that are produced from different data sources (e.g. forward DNS tree, reverse DNS, BGP tables). There are a few issues with publishing the raw data. One of them is that the implicit AUP under which data is collected does not necessarily match the AUP under which data is used. I believe some of the ccTLD would not like their data to be published and assuring them that this will not be the case may facilitate their participation in this project. Secondly, there are commercial products available on the market, the ISC domain survey is just one of those. Finally we wish to make all software publicly available so people may collect data themselves. In your case that may be a collaboration with the Israeli ccTLD administrator. Therefore in the Hostcount++ we proposed not to ship raw data at all. But if the consensus is that raw data is the real value of this project, then we need to make adjustments to the requirements.
Regards, Hank
Regards, Andrei Robachevsky RIPE NCC
At 10:33 AM 29-06-05 +0200, Andrei Robachevsky wrote:
However, it seems that for you (and maybe some other people) the core value of the Hostcount is in the raw data, not so much in the statistics and a measurement of the "size of the Internet". This is different from the objectives of the projects as was presented at RIPE 50.
Perhaps it is time to survey all those who responded positively (as I did) to continued development on hostcount - as to the reasons they felt that way rather than assuming they were all referring to statistics. I gave almost all of my 100 points in the survey to hostcount development.
In our view, while there are cases where raw data may be useful, the real value of the Hostcount for the community is in the statistics and trends that are produced from different data sources (e.g. forward DNS tree, reverse DNS, BGP tables).
Do you base that view on some empirical data? Can you point me at the link? As said above, perhaps it is time to survey your membership before proceeding?
There are a few issues with publishing the raw data. One of them is that the implicit AUP under which data is collected does not necessarily match the AUP under which data is used. I believe some of the ccTLD would not like their data to be published and assuring them that this will not be the case may facilitate their participation in this project.
I've read the AUP at: http://www.ripe.net/info/stats/hostcount/aup.html and could not find the clause that states that what I do is wrong or evenly possibly wrong based on the AUP. The data is never published, reproduced or transmitted or used for advertising. What if I got specific permission from the il cctld admin allowing what I do?
Secondly, there are commercial products available on the market, the ISC domain survey is just one of those.
If we go down the path of commercial products, I think I can find a commercial product for almost every RIPE research related effort.
Finally we wish to make all software publicly available so people may collect data themselves. In your case that may be a collaboration with the Israeli ccTLD administrator.
Therefore in the Hostcount++ we proposed not to ship raw data at all.
I see no reason why a signed AUP can't continued to be used as before to allow access to the raw data files.
But if the consensus is that raw data is the real value of this project, then we need to make adjustments to the requirements.
I raise my hand and I hope others do as well. -Hank
Regards, Hank
Regards,
Andrei Robachevsky RIPE NCC
+++++++++++++++++++++++++++++++++++++++++++ This Mail Was Scanned By Mail-seCure System at the Tel-Aviv University CC.
participants (3)
-
Andrei Robachevsky -
Bijal Sanghani -
Hank Nussbacher