On Tue, Sep 08, 2009 at 02:34:10PM -0500, Joe Greco wrote:
> > there is a fundamental disconnect here. the IP space is neutral.
> > it has no bias toward or against social behaviours. its a tool.
> > the actual/real target here are the people who are using these tools
> > to be antisocial. blacklisting IP space is always reactive and
> > should only beused in emergency and as a -TEMPORARY- expedient.
> >
> > IMHO of course., YMMV.
>
> Show me ONE major MTA which allows you to configure an expiration for
> an ACL entry.
call me old skool... VI works a treat and I'm told there
is this thing called emacs ... but i remain dubious.
>
> The problem with your opinion, and it's a fine opinion, and it's even a
> good opinion, is that it has very little relationship to the tools which
> are given to people in order to accomplish blocking. Kind of the question
> I was contemplating in my other message of minutes ago.
if all you have is a hammer...
folks need better tools.
> If people were given an option to "block this IP for 30 minutes, 24 hours,
> 30 days, 12 months, 5 years, or forever" - I wonder how many people would
> just shrug and click "forever."
which is their choice. please show me the mandate for accepting
routes/packets from any/everywhere?
me, i'd want the option to "block 192.0.2.0/24 as long as it
is announced by AS 0 and the whois data points to RIAA as the
registered contact" e.g. not just a temporal block.
or - if traffic from 192.0.2.80 increases more than 65% in a 150
second interval, block the IP for 27 minutes.
or - allow any/all traffic from 192.0.2.42 - regardless of the
blocking on 192.0.2.0/24
the mind boggles.
> This may lead to the discovery of another fundamental disconnect - or two.
such is the course of human nature.
>
> Sigh.
>
> ... JG
> --
> Joe Greco - sol.net Network Services - Milwaukee, WI - http://www.sol.net
> "We call it the 'one bite at the apple' rule. Give me one chance [and] then I
> won't contact you again." - Direct Marketing Ass'n position on e-mail
> spam(CNN)
> With 24 million small businesses in the US alone, that's way too many apples.
