nanog mailing list archives

Re: Purchased IPv4 Woes


From: Chris Knipe <savage () savage za org>
Date: Sun, 12 Mar 2017 17:59:59 +0200

On Sun, Mar 12, 2017 at 5:40 PM, <valdis.kletnieks () vt edu> wrote:


How does Spamhaus find out the block has been resold?

How do other DNS-based blacklist operators find out?


From the REGISTRY as the ultimate custodian of the IP block.



How do all the AS's that have their own internal blacklists find out that
they should fix their old listings?  (Note that this is the exact same problem
as "We got blacklisted because of a bad customer, we axed the customer, but
we're still blacklisted", which has been an unsolved problem for decades
now).


From the REGISTRY as the ultimate custodian of the IP block.

"We got blacklisted because of a bad customer, we axed the customer, but
we're still blacklisted" is a FAR call from what this discussion is about.
"I got blacklisted because someone else that has NO relevance to me
whatsoever was stupid" is more accurate.  You can't punish the purchaser of an
IP block, because of what previous owners of the IP block did.

If I receive a dynamic IP from my ISP on dialup, and the previous user
using that IP hacked the FBI... Am I now to blame because the FBI got
hacked?  NO!  The previous user of the IP is responsible!



And it's awfully easy to game the system by just reselling the block between
a group of shell companies run by bad actors.


Yes - just like we're playing ping pong with NetFlix (and others) and VPN
providers because of geo restricted content too :-)

It's a losing battle, and a failed system.  Don't blame the purchaser,
it's a lack of oversight on the part of whoever does the blacklisting.
And that, should form part of being RESPONSIBLE when you DO decide to
blacklist / unblacklist IP blocks.  There are FAR too many companies on the
Internet that simply do what they want, when they want.

I (or anyone else - I haven't purchased IP space from any other source
other than registries, yet), can't be held liable for what others have
done.  Whether it's IP space, whether it's breaking and entering, whether
it's fraud, it doesn't matter. I did not commit the act, and I can't be
held liable.  You're punishing the wrong person, for the wrong reason.

The fact that there are companies out there, CAMPING on /8s which they do not
use and yet refuse to return, is exactly why the internet is sitting in
this predicament.

