nanog mailing list archives

Re: SORBS?!

From: Brett Frankenberger <rbf+nanog () panix com>
Date: Fri, 6 Apr 2012 16:33:05 -0500

On Thu, Apr 05, 2012 at 06:45:30PM +0100, Nick Hilliard wrote:

On 05/04/2012 17:48, goemon () anime net wrote:

But they will care about a /24.


I'm curious as to why they would want to stop at /24.  If you're going to
take the shotgun approach, why not blacklist the entire ASN?


It's a balancing act.  Too little collateral damage and the provider
hosting the spammer isn't motivated to act.  Too much collateral
damage, and no one uses your blacklist because using it generates too
many user complaints, and then your list doesn't motivate anyone to do
anything because there's no real downside to being on the list.  Just
the right amount of collateral damage, and your list gets widely used,
and causes enough pain on the other of the /24 that they clean things
up.

I'm not arguing for or against any particular amount of collateral
damage.  Just commenting on the effects of varying amounts of
collateral damage.

     -- Brett

Current thread:

Re: SORBS?!, (continued)
- - Re: SORBS?! Mike Andrews (Apr 04)
  - Re: SORBS?! Alain Hebert (Apr 04)
    - Re: SORBS?! Landon Stewart (Apr 04)
- Re: SORBS?! Sam Oduor (Apr 05)
  - RE: SORBS?! Drew Weaver (Apr 05)
    - RE: SORBS?! goemon (Apr 05)
    - Re: SORBS?! Landon Stewart (Apr 05)
    - Re: SORBS?! Jon Lewis (Apr 06)
    - Re: SORBS?! Nick Hilliard (Apr 05)
    - Re: SORBS?! PC (Apr 05)
    - Re: SORBS?! Brett Frankenberger (Apr 06)
    - RE: SORBS?! Drew Weaver (Apr 06)
    - Re: SORBS?! Valdis . Kletnieks (Apr 06)
    - RE: SORBS?! Drew Weaver (Apr 06)
    - Re: SORBS?! Valdis . Kletnieks (Apr 06)
    - Re: SORBS?! Jimmy Hess (Apr 06)
    - Re: SORBS?! Robert Bonomi (Apr 06)
    - Re: SORBS?! William Herrin (Apr 06)
    - RE: SORBS?! Drew Weaver (Apr 06)
    - Re: SORBS?! William Herrin (Apr 06)
- Re: SORBS?! Chris Conn (Apr 04)