backbones filtering unsanctioned sites

Christopher Morrow morrowc.lists at
Fri Feb 10 22:03:56 UTC 2017

On Fri, Feb 10, 2017 at 2:08 PM, Ken Chase <math at> wrote:

>   >"Abuse cannot not provide you a list of websites that may be
> encountering
>   >reduced visibility via Cogent"
> They could, if they kept a list of forward lookups they had done to get IPs

i think you mean passive-dns .. which is a thing, and exists.
(mumble (passive total|farsight|deteque|....) mumble)

> that ended up in their blacklists. But just having the IPs it's impossible
> to
> get the whole list of possible hostnames that point at it (reverse records
> are
> singular, and often missing).
> Nonetheless, it'd be nice to know how a single IP got onto the list - and
> what
> Cogent's doing about situations where multiple other hostnames map onto the
> same ip.
it's totally possible that the list here is really just a court-order
addition, right? I can't imagine that there is a cogent employee just evily
twiddling pens and adding random ips to blacklists...

> I have clietns that are Cogent customers, I'd just like to get informed
> before
> I bring the hammer down.
it's worth noting that fairly much every service provider has a provision
like cogent's 'force majaure' clause  which includes: '...any law, order,

so it seems safe to assume that there's some court order cogent reacted to
:( we should fight that problem upstream.

> /kc
> --
> Ken Chase - math at Guelph/Toronto Canada
> Heavy Computing - Clued bandwidth, colocation and managed linux VPS @151
> Front St. W.

More information about the NANOG mailing list