NANOG Channel Archives and Editorializing
Folks, I've received periodic requests from individuals who feel somehow slighted by posts contained in the NANOG archives. As you may or may not know, we host a MHonArc'd version of the list as a Searchable archive of web pages and an IE/NEtCaster Channel. A request came in today to remove a post that listed a number of hosts open for relaying. The individual asked me to remove the message so as to minimize the damage it causes the owners of the listed relays, including himself. Since these are generated from the flat archives at Merit, I'm loath to start editorializing. What do folks think? Should we edit the archives to remove "dangerous" information, or let them stand on their merits (no pun intended) and let the roaches scatter in the light? Respond privately unless you absolutely feel a need to start a discussion on it. I'll post the decision I come to on the list. Eric ========================================================================== Eric Germann CCTec ekgermann@cctec.com Van Wert, OH 45891 http://www.cctec.com Ph: 419 968 2640 Fax: 419 968 2641 Network Design, Connectivity & System Integration Services A Microsoft Solution Provider
At 20:38 8/5/98 -0400, you wrote:
A request came in today to remove a post that listed a number of hosts open for relaying. The individual asked me to remove the message so as to minimize the damage it causes the owners of the listed relays, including himself.
Since these are generated from the flat archives at Merit, I'm loath to start editorializing. What do folks think? Should we edit the archives to remove "dangerous" information, or let them stand on their merits (no pun intended) and let the roaches scatter in the light?
I vote to let them stand. The person(s) who feel they are slighted or in danger from a public list (of information that is, after all, not all that hard to obtain independently) needs only to correct the problem to remove the danger.
Respond privately unless you absolutely feel a need to start a discussion on it. I'll post the decision I come to on the list.
I think it's an area deserving of public discussion. There are numerous "open relay" lists around, from folks genuinely trying to be helpful to spammers sharing info, so removal from the archives is not really going to do much for the issue one way or another. However, the question is begged: "Should information on potential network abuse points be shared and public or not?" Wabbit season!..duck season!..wabbit season!..duck season!..SPAMMER SEASON! Dean Robb PC-EASY computer services (757) 495-EASY [3279]
On Thu, 6 Aug 1998, Dean Robb wrote:
I think it's an area deserving of public discussion. There are numerous "open relay" lists around, from folks genuinely trying to be helpful to spammers sharing info, so removal from the archives is not really going to do much for the issue one way or another. However, the question is begged: "Should information on potential network abuse points be shared and public or not?"
Yes. View it the same as Bugtraq. If you find a problem, let the owner know and give them ample time to respond and fix it. If it is not quickly taken care of, add them to the list. That is the only way you will ever get things done. If telling them privately doesn't work, telling the world and embarrasing them in front of peers might. So the spammers get the list... it might get the problem fixed quicker. .015 Sam
At 10:26 AM 8/6/98 -0400, Dean Robb wrote:
At 20:38 8/5/98 -0400, you wrote:
A request came in today to remove a post that listed a number of hosts open for relaying. The individual asked me to remove the message so as to
I vote to let them stand. The person(s) who feel they are slighted or in
Respond privately unless you absolutely feel a need to start a discussion on it. I'll post the decision I come to on the list.
I think it's an area deserving of public discussion. There are numerous "open relay" lists around, from folks genuinely trying to be helpful to spammers sharing info, so removal from the archives is not really going to do much for the issue one way or another. However, the question is begged: "Should information on potential network abuse points be shared and public or not?"
Yes it should. All of the majors mail packages now have versions out that will correct the problem. Those that are still open for relaying are in that state becasue they don't want to upgrade. As long as they are in that condition they are a "nav hazard". There are software utilities that will scan the Internet for open-relay hosts, by IP address. Not putting them on a list will not hide them from these scanners. However, it will help the spam-fighter to know where these sites are, they can be black-holed. _________________________________________________ Morgan Hill Software Company, Inc. Colorado Springs, CO - Livermore, CA - Morgan Hill, CA Domain Administrator MHSC2-DOM and MHSC3-DOM Administrative and Technical contact ____________________________________________ InterNIC Id: MHSC hostmaster (HM239-ORG) e-mail: <mailto:hostmaster@mhsc.com>mailto:hostmaster@mhsc.com web -pages: <http://www.mhsc.com/>http://www.mhsc.com/
At 19:12 8/6/98 -0700, you wrote:
do much for the issue one way or another. However, the question is begged: "Should information on potential network abuse points be shared and public or not?"
Yes it should. All of the majors mail packages now have versions out that will correct the problem. Those that are still open for relaying are in that state becasue they don't want to upgrade. As long as they are in that condition they are a "nav hazard".
There are software utilities that will scan the Internet for open-relay hosts, by IP address. Not putting them on a list will not hide them from these scanners. However, it will help the spam-fighter to know where these sites are, they can be black-holed.
This is basically my point and position. Problems cannot be fixed if they are not first identified. If someone should get abused, and the abuser got the relay from a list and not his own efforts, that *should* encourage the relay owner to get off his/her/it's duff. No one is as security concious as he who has just been robbed. Wabbit season!..duck season!..wabbit season!..duck season!..SPAMMER SEASON! Dean Robb PC-EASY computer services (757) 495-EASY [3279]
I vote to let the entire archive stand in its own light, unedited. Everything else quickly gets to the point where it becomes a serious question of censorship. That includes network abuse. If somebody posts wrong information or is simply mistaken about issues, post a correction. What, have you guys all lost the ability to communicate and solve conflicting views in civilized, verbal discourse? This is a public forum, treat it as such. If you don't want something to be public knowledge or are unable to communicate in words, don't post it here. Thanks, Chris -- Christian Kuhtz, BellSouth Corp., Sr. Network Architect <ck@bellsouth.net> 1100 Ashwood Parkway, Atlanta, GA 30338 <ck@gnu.org> "Legalize free-enterprise murder: why should governments have all the fun?" -- /usr/games/fortune
participants (5)
-
Christian Kuhtz
-
Dean Robb
-
Eric Germann
-
Roeland M.J. Meyer
-
Sam Hayes Merritt, III