Botnets buying up IPv4 address space

Benson Schliesser bensons at queuefull.net
Fri Oct 7 18:47:19 CDT 2011


The important outcome is that transfers are documented. Making it easier for sellers to update Whois (so it points to the buyer) will encourage documentation.  If "needs justification" is ever a disincentive to update Whois, then it will discourage documentation.

Granted, a seller that doesn't update Whois should be more worried about the reputation of the buyer. But regardless, it is incorrect to assume that "needs justification" will prevent bad actors from acquiring address blocks. Even bad actors can justify their need, and some of them might even (*gasp*) lie about it in order to get what they want. The result would look like a normal transfer (with justified need, a Whois update, etc) and yet would result in a bad actor becoming an address holder.

Cheers,
-Benson


On Oct 7, 2011, at 6:08 PM, Jimmy Hess wrote:

> On Fri, Oct 7, 2011 at 1:11 PM, Joly MacFie <joly at punkcast.com> wrote:
>> I'd welcome comments as to solutions to this. Or is it just scaremongering?
> Probably scaremongering... but it does raise an interesting thought.
> 
> It provides another argument why RIRs don't need to abandon justified
> need as a mandatory
> criteria for transferring addresses to specified recipients out of
> fear that  legacy and other
> holders will engage in "unofficial" sales and transfers that they
> intentionally fail to record via WHOIS.
> 
> The legacy holder/unofficial transferror would be putting the
> reputation of their entire address block,
> and their other allocations at risk;  if the buyer eventually hands
> some of the unofficial allocation
> to a spammer, either by accident, or intentionally, doesn't matter.
> 
> The holder of addresses that unofficially transferred them, could have
> some major headaches,
> including service-affecting headaches to their network...  just to
> sell  spare IP addresses faster for
> a few extra bucks;   when there is a legitimate process available
> that doesn't have that risk?
> 
>> j
> --
> -JH
> 




More information about the NANOG mailing list