RE: Schneier: ISPs should bear security burden

["Miller, Mark" <mark.miller () qwest com>]

 Unfortunately, a lot of static "business" DSL IP space is still on
those lists and legitimate mail servers can get blocked.  I usually use
the DUL as a "white list" to negate hits on the traditional dnsbls since
those are almost always stale.

 - Mark



-----Original Message-----
From: owner-nanog () merit edu [mailto:owner-nanog () merit edu] On Behalf Of
Dave Rand
Sent: Friday, April 29, 2005 4:07 AM
To: Steve Sobol; Mark Newton
Cc: Owen DeLong; Bill Stewart; North American Networking and Offtopic
Gripes List
Subject: Re: Schneier: ISPs should bear security burden


[In the message entitled "Re: Schneier: ISPs should bear security
burden" on Apr 28, 10:20, "Steve Sobol" writes:]
> There are some basic rules of thumb you can use. The problem is that 
> they're not guaranteed to work. The best solution was created years 
> ago (Gordon Fecyk's DUL, which lists IP ranges the ISPs specifically 
> register as dynamic/not supposed to host servers) and eventually came 
> under the purview of Kelkea/MAPS, but there wasn't a ton of ISP 
> buy-in. If we could create a similar list and actually get ISPs to 
> register the appropriate netblocks (and not mix in IPs where servers 
> are allowed, and IPs where they aren't, in the same block), that'd be
great.

Dunno what a ton of ISP buy-in is, but the MAPS DUL now contains about
190,000,000 entries.  We've been working on it very hard for the last
year or two.  Most ISP-level subscribers figure it stops a pretty large
percentage of the compromised-home-computer spam.

--