Good morning.
Seeing the activity in regards to our company here at NANOG, I believe this is the most reasonable and responsible place to respond to the current issues on our network. We hope to obtain non-bias opinion's and good honest and truthful information from the users here.
Being that there are much larger operators here then us, what kind of insight can you give to the issues that have arisen?
We've near completely removed (completion monday 09/08/08) Hostfresh from our network. 2 of their /24's have been removed:
58.65.238.0/24 dropped
58.65.239.0/24 dropped
The machine's they leased from us have been canceled.
Good morning.
Seeing the activity in regards to our company here at NANOG, I believe this is the most reasonable and responsible place to respond to the current issues on our network. We hope to obtain non-bias opinion's and good honest and truthful information from the users here.
Being that there are much larger operators here then us, what kind of insight can you give to the issues that have arisen?
We've near completely removed (completion monday 09/08/08) Hostfresh from our network. 2 of their /24's have been removed:
58.65.238.0/24 dropped
58.65.239.0/24 dropped
The machine's they leased from us have been canceled.
Thank you Russ. That is a great step in the right direction dropping this one client. It is appreciated, although it's just one bad apple on a big tree.
However, I don't want to pick on you, so let's reframe the subject:
What do you suggest for the next move?
Well, perhaps you can share any information with us on a legitimate client you have?
I do not think it is appropriate for ISPs to have to prove or demonstrate the
legitimacy of their customer base. As a legitimate customer of an ISP, I
would be *highly* incensed if my privacy were to be violated simply to
provide "proof" that the ISP had legitimate clients.
The notion of "innocent until proven guilty" I think is a much better model for
us to work with. If you find clear miscreants, and have data to back it up,
then a call for cleaning up the miscreants is somewhat acceptable, though
I worry that we may descend into a witch hunt if this is taken too far to the
extreme. However, a call to "prove your innocence" is entirely uncalled for,
and opens ISPs up to being caught on the horns of a very nasty dillemma;
either to maintain their customer's privacy, and be labelled as an evil, nasty,
non-cooperative provider that must therefore be guilty, by their very dint of
failure to prove their innocence; or, reveal their law-abiding,
legitimate client
information, and and then quickly lose those clients when they realize their
records are no longer considered private at that ISP.
If you have proof of clients engaging in illegal practices, then it is
appropriate
to go after those clients. But leave the legitimate clients alone.
*putting down his pitchfork and torch, and walking away from the mob*
"> I do not think it is appropriate for ISPs to have to prove or demonstrate the
legitimacy of their customer base"
Here is the exact point of contention and the point where I think
people disagree. ISPs are the **first** line of defense against
malware and badware. They are the ones closest to the customer and
best able to "whack-a-mole". For those ISPs that do cater to a high
proportion of bad actors, I quite rightly want them to demonstrate
their legitimacy. By peering with them, there is a trust relationship
formed... if there is a question that goes right to the heart of that
trust, they ought to answer it, otherwise they ought to be de-peered
as well.
Thank you Russ. That is a great step in the right direction dropping this
one client. It is appreciated, although it's just one bad apple on a big
tree.
However, I don't want to pick on you, so let's reframe the subject:
What do you suggest for the next move?
Well, perhaps you can share any information with us on a legitimate client
you have?
I do not think it is appropriate for ISPs to have to prove or demonstrate the
legitimacy of their customer base. As a legitimate customer of an ISP, I
would be *highly* incensed if my privacy were to be violated simply to
provide "proof" that the ISP had legitimate clients.
What you say in this email makes a lot of sense. Thanks for pointing that out.
Not being a lawyer, I think this also makes sense legally (as far as the Britain-like systems go).
As to this particular case, I'd be satisfied if I see even just all the fake DNS traffic stop heading their way, anyway.