Survey on the use of IP blacklists for threat mitigation
Hi NANOG community, We are a group of researchers studying the use of IP blacklists as a mechanism to mitigate security threats -- particularly over the IPv6 Internet. We would like to understand if and how you use IP blacklists to secure your networks. Please consider taking our short survey: https://forms.gle/ZEsxyiBivJAfLF7e6 The survey will be anonymous unless you choose to identify yourself. Thanks, Rachee UMass Amherst
Would you be interested in input from security professionals or are you targeting network engineers directly with this? -- Zach Rogers Lead Security Analyst Network Security Monitoring Oregon Research & Teaching Security Operations Center (ORTSOC) Phone: 541.737.7723 GPG Fingerprint: ECC5 03A6 7E91 17C6 50C6 8FAC D6A0 8001 2869 BD52 ________________________________________ From: NANOG <nanog-bounces@nanog.org> on behalf of Rachee Singh <rachee.singh@gmail.com> Sent: Tuesday, June 16, 2020 9:15 AM To: nanog@nanog.org Subject: Survey on the use of IP blacklists for threat mitigation Hi NANOG community, We are a group of researchers studying the use of IP blacklists as a mechanism to mitigate security threats -- particularly over the IPv6 Internet. We would like to understand if and how you use IP blacklists to secure your networks. Please consider taking our short survey: https://forms.gle/ZEsxyiBivJAfLF7e6 The survey will be anonymous unless you choose to identify yourself. Thanks, Rachee UMass Amherst
We would very much appreciate input from security professionals. PS: as someone correctly pointed out, the more appropriate terminology is "IP blocklists". I apologize for the mistake and I have fixed it in the google survey. Thanks, Rachee On Tue, Jun 16, 2020 at 10:41 AM Rogers, Zachery < Zach.Rogers@oregonstate.edu> wrote:
Would you be interested in input from security professionals or are you targeting network engineers directly with this?
--
Zach Rogers Lead Security Analyst Network Security Monitoring Oregon Research & Teaching Security Operations Center (ORTSOC) Phone: 541.737.7723 GPG Fingerprint: ECC5 03A6 7E91 17C6 50C6 8FAC D6A0 8001 2869 BD52
________________________________________ From: NANOG <nanog-bounces@nanog.org> on behalf of Rachee Singh < rachee.singh@gmail.com> Sent: Tuesday, June 16, 2020 9:15 AM To: nanog@nanog.org Subject: Survey on the use of IP blacklists for threat mitigation
Hi NANOG community,
We are a group of researchers studying the use of IP blacklists as a mechanism to mitigate security threats -- particularly over the IPv6 Internet. We would like to understand if and how you use IP blacklists to secure your networks. Please consider taking our short survey: https://forms.gle/ZEsxyiBivJAfLF7e6
The survey will be anonymous unless you choose to identify yourself.
Thanks, Rachee UMass Amherst
Yo Rachee! On Tue, 16 Jun 2020 10:59:17 -0700 Rachee Singh <rachee.singh@gmail.com> wrote:
PS: as someone correctly pointed out, the more appropriate terminology is "IP blocklists".
Google says that descriminates against the Eastern Block of the EU. RGDS GARY --------------------------------------------------------------------------- Gary E. Miller Rellim 109 NW Wilmington Ave., Suite E, Bend, OR 97703 gem@rellim.com Tel:+1 541 382 8588 Veritas liberabit vos. -- Quid est veritas? "If you can't measure it, you can't improve it." - Lord Kelvin
In kind, I'd like to encourage the use of terms like permit/accept list or deny/block list. Respectfully, -Ryan On Tue, Jun 16, 2020 at 11:33 AM Rachee Singh <rachee.singh@gmail.com> wrote:
Hi NANOG community,
We are a group of researchers studying the use of IP blacklists as a mechanism to mitigate security threats -- particularly over the IPv6 Internet. We would like to understand if and how you use IP blacklists to secure your networks. Please consider taking our short survey: https://forms.gle/ZEsxyiBivJAfLF7e6
The survey will be anonymous unless you choose to identify yourself.
Thanks, Rachee UMass Amherst
Guess we all better start rewriting all of the documentation out there because some PC marketing snowflake wants to get extra brownie points and attention for classifying a color in RGB into a racial divide for which it never originated. blacklists are not always deny/block/disallow and conformed of things that allow you to take actions whatever your choosing upon their contents and your policies. What’s next ? redlisting ? Don’t offend the Russians ... blue ? Don’t want to offend the police ... Leave this crap off the list, it’s not helping anyone. SMH -- J. Hellenthal The fact that there's a highway to Hell but only a stairway to Heaven says a lot about anticipated traffic volume.
On Jun 16, 2020, at 13:27, Ryan Landry <ryan.landry@gmail.com> wrote:
In kind, I'd like to encourage the use of terms like permit/accept list or deny/block list.
Respectfully, -Ryan
On Tue, Jun 16, 2020 at 11:33 AM Rachee Singh <rachee.singh@gmail.com> wrote: Hi NANOG community,
We are a group of researchers studying the use of IP blacklists as a mechanism to mitigate security threats -- particularly over the IPv6 Internet. We would like to understand if and how you use IP blacklists to secure your networks. Please consider taking our short survey: https://forms.gle/ZEsxyiBivJAfLF7e6
The survey will be anonymous unless you choose to identify yourself.
Thanks, Rachee UMass Amherst
On Tue, Jun 16, 2020, at 15:08, J. Hellenthal via NANOG wrote:
blacklists are not always deny/block/disallow and conformed of things that allow you to take actions whatever your choosing upon their contents and your policies.
What’s next ? redlisting ? Don’t offend the Russians ... blue ? Don’t want to offend the police ...
How about - don't use colour at all, since it's just a culture-specific proxy for the actual meaning? "blacklist" and "whitelist" are challenging for ESL and for people from other cultures. Block list, allow list, filter list, etc. are all more precise terms that happen to be easier for everyone to understand. Improving technical jargon is always worthwhile. -- Harald Koch chk@pobox.com
If we want to go down that rabbit trail, then aren’t we talking about Reputation lists? On Tue, Jun 16, 2020 at 3:44 PM Harald Koch <chk@pobox.com> wrote:
On Tue, Jun 16, 2020, at 15:08, J. Hellenthal via NANOG wrote:
blacklists are not always deny/block/disallow and conformed of things that allow you to take actions whatever your choosing upon their contents and your policies.
What’s next ? redlisting ? Don’t offend the Russians ... blue ? Don’t want to offend the police ...
How about - don't use colour at all, since it's just a culture-specific proxy for the actual meaning? "blacklist" and "whitelist" are challenging for ESL and for people from other cultures. Block list, allow list, filter list, etc. are all more precise terms that happen to be easier for everyone to understand.
Improving technical jargon is always worthwhile.
-- Harald Koch chk@pobox.com
J. Hellenthal, thank you for your reply. I am not in marketing. I represent a team of talented network engineers, some of which are persons of color and under-represented minorities. I believe we, as a community, can do better to effect change, and hold each other accountable to this end. It is a worthy discussion for NANOG to have, particularly as an industry that has struggled in the areas of diversity and inclusion. This may be a great starting point for you on your journey: https://www.nanog.org/stories/our-commitment-diversity-and-inclusion/ https://www.nanog.org/about/code-conduct/ To the OP - I express my appreciation for acknowledging and adjusting the language used in your survey. Regards, - Ryan (past NANOG Program Committee Member) On Tue, Jun 16, 2020 at 1:08 PM J. Hellenthal <jhellenthal@dataix.net> wrote:
Guess we all better start rewriting all of the documentation out there because some PC marketing snowflake wants to get extra brownie points and attention for classifying a color in RGB into a racial divide for which it never originated.
blacklists are not always deny/block/disallow and conformed of things that allow you to take actions whatever your choosing upon their contents and your policies.
What’s next ? redlisting ? Don’t offend the Russians ... blue ? Don’t want to offend the police ...
Leave this crap off the list, it’s not helping anyone.
SMH
-- J. Hellenthal
The fact that there's a highway to Hell but only a stairway to Heaven says a lot about anticipated traffic volume.
On Jun 16, 2020, at 13:27, Ryan Landry <ryan.landry@gmail.com> wrote:
In kind, I'd like to encourage the use of terms like permit/accept list or deny/block list.
Respectfully, -Ryan
On Tue, Jun 16, 2020 at 11:33 AM Rachee Singh <rachee.singh@gmail.com> wrote:
Hi NANOG community,
We are a group of researchers studying the use of IP blacklists as a mechanism to mitigate security threats -- particularly over the IPv6 Internet. We would like to understand if and how you use IP blacklists to secure your networks. Please consider taking our short survey: https://forms.gle/ZEsxyiBivJAfLF7e6
The survey will be anonymous unless you choose to identify yourself.
Thanks, Rachee UMass Amherst
participants (8)
-
Alex Conner
-
Gary E. Miller
-
Hank Nussbacher
-
Harald Koch
-
J. Hellenthal
-
Rachee Singh
-
Rogers, Zachery
-
Ryan Landry