[[Attribution deleted by Frank Bulk]]
Neither I nor J. Oquendo nor anyone else are required to spend our time, our money, and our resources figuring out which parts of X's network can be trusted and which can't.
It's not that hard, the ARIN records are easy to look up. Figuring out
Stephen: Are you saying that if there's nefarious IP out there let's automatically blacklist the /24 of that IP? J. Oquendo was describing his own methods and they sounded quite manual, manual enough that he's getting down to a /8 as necessary to blacklist a non-responsive operator. My point is that if you're going to block something, either block the /32 or do the research to justify blocking a larger group. And despite ToS, I think many operators are running automated lookups, and there are lots of examples out there for ARIN. Frank -----Original Message----- From: Stephen Satchell [mailto:list@satchell.net] Sent: Saturday, April 07, 2007 5:44 PM To: frnkblk@iname.com Cc: nanog@nanog.org Subject: Re: Abuse procedures... Reality Checks Frank Bulk wrote: that
network operator has a /8 that you want to block based on 3 or 4 IPs in their range requires just as much work.
It's *very* hard to do it with an automated system, as such automated look-ups are against the Terms of Service for every single RIR out there. Please play the bonus round: try again.