Repeated Blacklisting / IP reputation
Paul Ferguson
fergdawgster at gmail.com
Thu Sep 10 02:37:01 UTC 2009
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Wed, Sep 9, 2009 at 7:18 PM, Alex Lanstein <ALanstein at fireeye.com>
wrote:
> Along the same lines, I noticed that the worst Actor in recent memory
> (McColo - AS26780) stopped paying their bills to ARIN and their addresses
> have been returned to the pool.
>
> It's my opinion that a very select number of CIDR blocks (another example
> being the ones belonging to Cernel/InternetPath/Atrivo/etc, if it were
> ever fully extinguished) are, and forever will be, completely toxic and
> unusable to any legitimate enterprise. Arguments could be made that
> industry blacklists can and should be more flexible, but from the
> considerably more innocuous case in this thread, that is apparently not
> the modus operandi
>
With regards to Cernel/Internet Path/UkrTelGrp, it needs to be
"extinguished" first. :-)
- - ferg
-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.5.3 (Build 5003)
wj8DBQFKqGZIq1pz9mNUZTMRAnE3AKCL76mNabIzAf5FCWRfqci3YW5QKACgtLNJ
AXSIGuT1tIe0R+tm+VL/Flc=
=NYQS
-----END PGP SIGNATURE-----
--
"Fergie", a.k.a. Paul Ferguson
Engineering Architecture for the Internet
fergdawgster(at)gmail.com
ferg's tech blog: http://fergdawg.blogspot.com/
More information about the NANOG
mailing list