Repeated Blacklisting / IP reputation

• Previous message (by thread): Repeated Blacklisting / IP reputation
• Next message (by thread): Repeated Blacklisting / IP reputation
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Wed, Sep 9, 2009 at 7:18 PM, Alex Lanstein <ALanstein at fireeye.com>
wrote:

> Along the same lines, I noticed that the worst Actor in recent memory
> (McColo - AS26780) stopped paying their bills to ARIN and their addresses
> have been returned to the pool.
>
> It's my opinion that a very select number of CIDR blocks (another example
> being the ones belonging to Cernel/InternetPath/Atrivo/etc, if it were
> ever fully extinguished) are, and forever will be, completely toxic and
> unusable to any legitimate enterprise.  Arguments could be made that
> industry blacklists can and should be more flexible, but from the
> considerably more innocuous case in this thread, that is apparently not
> the modus operandi
>

With regards to Cernel/Internet Path/UkrTelGrp, it needs to be
"extinguished" first. :-)

- - ferg

-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.5.3 (Build 5003)

wj8DBQFKqGZIq1pz9mNUZTMRAnE3AKCL76mNabIzAf5FCWRfqci3YW5QKACgtLNJ
AXSIGuT1tIe0R+tm+VL/Flc=
=NYQS
-----END PGP SIGNATURE-----



-- 
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 fergdawgster(at)gmail.com
 ferg's tech blog: http://fergdawg.blogspot.com/

• Previous message (by thread): Repeated Blacklisting / IP reputation
• Next message (by thread): Repeated Blacklisting / IP reputation
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]