Any way to P-T-P Distribute the RBL lists?

• Previous message (by thread): Any way to P-T-P Distribute the RBL lists?
• Next message (by thread): Any way to P-T-P Distribute the RBL lists?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, 25 Sep 2003, Eric A. Hall wrote:
 > >             I know you all have probably already thought of this, but
 > > can anyone think of a feasible way to run a RBL list that does not have
 > > a single point of failure? Or any attackable entry?
 >
 > Easy. Have the master server only be reachable by replication partners
 > through a VPN connection, and have dozens of secondaries advertising
 > through multiple anycast addresses.

So why couldn't you follow this plan without the VPN and anycast?  Have a
couple of master servers totally unpublished (nobody except the secondaries
know about it), then have dozens of secondaries that are the ones actually
used (or AXFR'd off of).  You can't attack all the secondaries at once if
there are enough of them, and the master server is unknown (hopefully).

You could certainly improve on that system with a VPN, but the service is
reasonable without it.  Make your secondaries be volunteers who sign an
agreement to never tell anyone what your master IP addresses are.  If they
get out, shift the master files to a secondary, notify the other secondaries
by secure channels, and you're back in business.

Even better - Publish all the servers, nobody knows who the masters are of
this list of N servers, and rotate it when needed or every so often.

I'd be a secondary/rotating master in that setup.  I'm sure you'd get a
bunch of volunteers.

Aaron

• Previous message (by thread): Any way to P-T-P Distribute the RBL lists?
• Next message (by thread): Any way to P-T-P Distribute the RBL lists?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]