Re: ISPs blocking port 53? (was Re: Annoying dynamic DNS updates)
... probably most of the Abuse issues (especially via email) would continue to be ignored. Noone wants to handle that stuff. But someone(s) must handle that stuff.
the underlying question is, "or else what?" this is an assymetric-benefit situation. when folks ignore reports from noncustomers the people they are hurting are those noncustomers. as sean and others have pointed out, there's no incentive-stick in that equation. someone asked me privately:
and why would anyone care about branding? what would it gain them?
until theres financial penalties for being a bad netizen, there wont be any incentive to follow the rules.
if it were a checklist item for government/military/largecommercial contracts then you can bet that the sales team in every large/medium isp would beat the drum internally to ensure qualification and compliance. given the somewhat direct relationship between insider (customer) service, outsider responsiveness, and network uptime, this isn't a hard sell. what's hard is figuring out who can host the brand and what collection of people (network owners and their customers) can be trusted to define it. i'm thinking the new NRO (joint project by apnic/lacnic/ripe/arin) might be the right place to home a responsible-network-ownership branding program.
... probably most of the Abuse issues (especially via email) would continue to be ignored. Noone wants to handle that stuff. But someone(s) must handle that stuff.
the underlying question is, "or else what?"
this is an assymetric-benefit situation. when folks ignore reports from noncustomers the people they are hurting are those noncustomers. as sean and others have pointed out, there's no incentive-stick in that equation.
someone asked me privately:
and why would anyone care about branding? what would it gain them?
until theres financial penalties for being a bad netizen, there wont be any incentive to follow the rules.
if it were a checklist item for government/military/largecommercial contracts then you can bet that the sales team in every large/medium isp would beat the drum internally to ensure qualification and compliance.
given the somewhat direct relationship between insider (customer) service, outsider responsiveness, and network uptime, this isn't a hard sell. what's hard is figuring out who can host the brand and what collection of people (network owners and their customers) can be trusted to define it.
i'm thinking the new NRO (joint project by apnic/lacnic/ripe/arin) might be the right place to home a responsible-network-ownership branding program.
Comments about the NRO should be directed to the NRO discussion list. nro-comments@apnic.net Specifics on the NRO proposal may be found on any/each of the RIR web sites. --bill
... probably most of the Abuse issues (especially via email) would continue to be ignored. Noone wants to handle that stuff. But someone(s) must handle that stuff.
the underlying question is, "or else what?"
* Fortunately, at least where I was, there is a knowledge of AUPs having written their own and being aware of the AUP of their backbone peer. I set up abuse@ and such email aliases. Funny thing was 3 or 4 of us got the emails, and two or 3 of them forwarded them to me. I handled them for 1.5 years before they let me use another person to help. With a 10,000 user subscriber base there is a LOT of abuse emails and it is only getting worse. Everybody and their brother is having a personal firewall and reporting every door-knock they get even if they are blocking it. Things had to be prioritized based upon who they were coming from and what was the complaint. Obviously if I knew you were another ISP or NSP you got high priority. I did a lot of work to track down abuse complaints there. So the question is are AUPs enough to get THEM to answer report or complaints? ISPs should be enforcing their AUPs, but are they? and if so how quickly? Usually have to give an end-user some time to comply to a complaint ... especially if you don't reach them. You'd be amazed at how many accounts I suspended for AUP. But I don't expect there to be that level of action at every ISP, or even at where I was ... now that I am gone from there. Maybe there should be some kind of certification for ISPs? But why should they get certified if there is no incentive? If they have Systems and Network Admins which are certified they figure that covers it. But not every one of those certified persons has an ISP clue++ since it isn't part of any popular certification that I am aware of. Or some blanket organization that everyone should join and know and or learn the ropes ... something that is required before you can register a domain name or fire up DNS servers, or at least before you turn up your first dedicated connection. Some sellers of ISP provisioning software help a little bit. IMHO a VERY LITTLE BIT when you switch to their software. But after that almost everything becomes your responsibility. After all they aren't ISP/NSP training organizations. A lot of things are volunteer. Such as being on a NetOps Contact List, and being on http://www.abuse.net/. A lot of things are recommended ... but someone in an organization has to care and go find those things.
participants (3)
-
Alan Spicer
-
bmanning@karoshi.com
-
Paul Vixie