Re: Purchased IPv4 Woes

[Chris Knipe <savage () savage za org>]

On Sun, Mar 12, 2017 at 7:53 PM, Baldur Norddahl <baldur.norddahl () gmail com>
wrote:

> Den 12/03/2017 kl. 18.14 skrev Brielle Bruns:
>
> > http == TCP
> > DNS == (usually) UDP
> >
> > Big difference here.  One requires a three way handshake tearup/teardown,
> > the other does not.
> >
> > It is not an apples to apples comparison.
> You can replicate (download) the whole WHOIS if you need to. There is also
> no requirement that removal from reputation lists is instant. We would be
> good if it happened just within a month or even half a year. The situation
> now is however that you will never have it removed and many reputation
> services will ignore you if try to contact them for manual removal.
>
> At least in the RIPE managed space there IS a reliable way to know for
> sure who owns a block. Can you know that the new owner is any better than
> the old? Of course not, but that is true even for "fresh" address space.
>
> I am not a fan of reputation services that blacklist forever. It is just
> wrong and open for abuse of power. But not much I can do about that other
> than not using their service.
Also, no reason why a UDP (or DNS based even) query can't be implemented to
facilitate reputation lookups for ASNs, or even ownership.






-- 

Regards,
Chris Knipe