Abuse procedures... Reality Checks

J. Oquendo sil at infiltrated.net
Wed Apr 11 11:07:19 UTC 2007


Stephen Satchell wrote:
>
> SWIPs are required for reallocations of /29 and larger if the 
> allocation owner does not operate a RWhoIs server.
>
> Of course, SWIP is an ARIN thing, and you work for BRITISH
> TELECOMMUNICATIONS PLC.  As a US network operator, I was well aware of 
> the requirements for SWIP, because ARIN rules make it clear that, as a 
> netblock owner of an ARIN allocation, I'm required to do it.
>

Being I work at a US network operator and others who've been
attacking my hosts come from US network operators, who can
I complain to when some of the bigger fish are not complying with
these so-called rules? Many network operators are required to
do a lot of things, one of these things should be the
mitigation of malicious traffic from LEAVING their network.

If some of these companies can't follow the rules, then I see
no need for me to discontinue "punishing" allocations on their
CIDRs whenever my network is attacked since it seems to be the
only method I found to 1) protect my networks and clients and
2) to get someone's attention.

> Which numbering authority do you work with day to day?
>
Me? I work for an authority that many bigger providers should be
following its guidelines and setting examples for smaller
network operators. I shouldn't have to do the work for some of
these bigger operators. I shouldn't have to send emails making
them aware that 40 hosts on their /24 are sending out malicious
traffic.

Maybe ARIN staff should start re-writing policies and
implementing punishments. Guarantee you if operators were
penalized for not following rules, for allowing filth to leave
their networks, I bet you many maladies on the net would be
cut substantially.

Not going to be a popular stance to most of the bigger fish, but
let's get real here, looking at normal everyday life, if a
country were shipping rotten products, don't you think those
in government would call for measures to halt these products
else no business would occur with said country? Why not
re-write policies to do the same with networks?

I will always point to dampening/flapping on BGP as a baseline...
Company X violates, null route them for a second or two until
they comply. They still don't listen, double the penalty and
null route them twice the amount. Once their pockets start
hurting, they'll get a clue. And if their engineers still
don't get it, then management of that company would be fools
to keep their lazy asses around.


-- 
====================================================
J. Oquendo
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x1383A743
sil . infiltrated @ net http://www.infiltrated.net

The happiness of society is the end of government.
John Adams