My question is as follows - We are losing customers because of this
problem. It is costing us reputation and money. It is out of our
control. If you were us, what would you do? We have already asked ARIN
to reassign us to a "friendlier" CIDR, and they refuse.
ARIN don't guarantee routability of the blocks they allocate, and it's
difficult to see how they ever could.
If you want to discuss what ARIN could or could not do, then please join
the ARIN ppml list.
Perhaps this is an issue of community education, or one of needing
better tools or methods for managing martian filters. Those issues are
arguably both technical and operational.
The original poster doesn't have a problem with the community. He has a
problem with network operators who are not part of the community and that
is a reality of today's Internet that cannot be dealt with by technical
tools or operational methods.
But there are non-technical and non-operational actions that ARIN
could take to help. The details of those actions and whether or not ARIN
members want to act are matters for the ppml list.
--Michael Dillon
ARIN don't guarantee routability of the blocks they allocate, and it's
difficult to see how they ever could.
If you want to discuss what ARIN could or could not do, then please join
the ARIN ppml list.
I don't, but thank you for the advice.
Perhaps this is an issue of community education, or one of needing
better tools or methods for managing martian filters. Those issues are
arguably both technical and operational.
The original poster doesn't have a problem with the community. He has a
problem with network operators who are not part of the community and that
is a reality of today's Internet that cannot be dealt with by technical
tools or operational methods.
By "community" I meant "people who operate devices connected to the Internet".
If there was definitively no way to educate this community, or to provide tools or methodologies which allowed members of it to cooperate, the Internet would not exist.
Joe
The problem is that there's a large trickle-down factor to deal with. Yes,
after many years, we've *finally* gotten most sites to shut down their
open SMTP relays. We now get to embark on another Five Year Plan to shut down
open HTTP proxies.
However, the people impacted by the 69.0.0.0/8 problem can't wait that
long for people to fix their martian filters.
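
An added example, not part of the original thread: one way an operator could audit a local martian filter for stale entries that still cover allocated space such as the 69.0.0.0/8 block discussed above. The filter contents, the `ALLOCATED` list and the function names are constructed for illustration.

```python
import ipaddress

# Constructed sample: lines from a hypothetical martian/bogon filter list.
SAMPLE_FILTER = """\
# martian filter (constructed sample)
10.0.0.0/8
192.168.0.0/16
68.0.0.0/7      # stale aggregate that still covers 69/8
69.64.0.0/10    # stale more-specific inside 69/8
127.0.0.0/8
"""

# Assumption: prefixes the operator knows are now allocated.
# 69.0.0.0/8 is the block named in the thread.
ALLOCATED = ["69.0.0.0/8"]


def parse_filter(text):
    """Return (line number, network) for each non-comment filter entry."""
    nets = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        entry = raw.split("#", 1)[0].strip()
        if entry:
            nets.append((lineno, ipaddress.ip_network(entry, strict=True)))
    return nets


def stale_entries(filter_text, allocated):
    """List filter entries that would drop traffic from allocated space."""
    alloc = [ipaddress.ip_network(a) for a in allocated]
    findings = []
    for lineno, net in parse_filter(filter_text):
        for a in alloc:
            if net.version != a.version or not net.overlaps(a):
                continue
            if net == a:
                kind = "exact"    # filter entry is the allocated block itself
            elif a.subnet_of(net):
                kind = "covers"   # a wider aggregate hides the allocated block
            else:
                kind = "inside"   # a more-specific blocks part of the block
            findings.append((lineno, str(net), str(a), kind))
    return findings


if __name__ == "__main__":
    for lineno, net, block, kind in stale_entries(SAMPLE_FILTER, ALLOCATED):
        print(f"line {lineno}: {net} {kind} allocated {block}")
```

The "covers" case is the one a plain text search for the allocated prefix misses, because the stale aggregate never mentions it by name.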
Hi, NANOGers.
] We now get to embark on another Five Year Plan to shut down
] open HTTP proxies.
Indeed. The number of open (and openly abused) proxies in my hacked
device database, just from this year, is 21255. That's just my own,
small view of the problem. Imagine the total number.
Watch out for those TCP 1080, 3128, and 8080 flows.
Thanks,
Rob.
And don't forget about the biggest of them all, open BIND proxies. After
port 80, port 53 goes through almost as much. A lot of times you don't
need to hack anything, software comes with relay/proxy/recursion enabled.
How do we get software vendors (free, pay, virus) to distribute software
with appropriate defaults?
We blocked port 25, and the spammers used other ports. Should we block IP
protocols 0-255, and ports 0-65535? Should we move to the cable TV model,
you can watch only what we decide you can watch? Users should be
receive-only?