About RIPE | Contact  | Search | Sitemap    
Homepage RIPE  
RIPE Community Mail Archives
search  
     
Next Sectionyou are here: RIPE -> RIPE Maillists > Archives
RIPE Navigation Ends
About RIPE Maillists
Maillists Archive
Global Lists
Non Active Lists
RIPE NCC Navigation Ends
Next Section
<<< Chronological >>> Author Index    Subject Index <<< Threads >>>

[db-wg] Adequate contact information in the RIPE database must be enforced (was: NCC#2008090071 Unreachable Italian Host)

  • From: "Thor Kottelin" thor@localhost
  • Date: Wed, 3 Sep 2008 11:00:28 +0300
  • Organization: Turvasana Tmi - Safety Words, http://www.anta.net/sw/
Anonymized extracts from a correspondence between a phish takedown operator
and the RIPE NCC:

PIRT: "There's a phish on 192.0.2.227. The server is rooted. The address
a@localhost in the IP whois comes back 'host not found'. The ASN address
we have, b@localhost, comes back 'connect timeout'. c@localhost
comes back 'Address rejected'. The webform on the allocee's website (such as
it is) doesn't actually do anything.--RIPE can you contact the IP owner and
get them to update your database please."

RIPE NCC: "Please try contact the Network owners/maintainers. Phone number
registered for the maintainer is correct and working."

PIRT: "I'm a volunteer and don't have the resources to make international
phone calls. Plus I don't speak Italian (I don't write Italian either but
there are websites for translation, which is why email is preferable).
Doesn't RIPE have the resources to do this? And isn't it in your interest to
keep the database accurate? Otherwise what's the point? I have already
emailed the d@localhost address.  I have had no reply and the phish is
still active."

RIPE NCC: "There may be options we could pursue to check the validity of the
contact data in the objects in the RIPE Database. Where we have a direct
relationship with the owners of these objects we could request that they
update this information. But we do not have a mandate from the RIPE
community to allocate any resources to this activity."

(End of correspondence extracts.)


The issue of false or otherwise inadequate RIPE database entries has been
discussed before in various RIPE working groups. It is bizarre that the
problems nevertheless continue, year in and year out.

Publishing sufficient and up-to-date contact information in the RIPE
database should be an absolute prerequisite for holding any kind of
RIR-allocated resource. Whenever a deficiency is discovered and reported,
the RIPE NCC should efficiently and urgently contact the allocee, requiring
a full and immediate correction. If one is not made, the resources should be
deregistered.

I realize that IP connectivity is not directly contingent on registration,
but I also believe that allocees would still want to avoid having their
resources bogonized. Should this pressure nevertheless prove insufficient,
further sanctions, such as elevated fees, should be available.

It is intolerable that important and urgent security-related communications
repeatedly fail due to a lack of adequate contact information.

--
Thor Kottelin
CISM, CISSP
fax +358 102 961 064
thor@localhost, PGP 0x327B7345
http://www.anta.net/
Post To The List:

Replies

<<< Chronological >>> Author    Subject <<< Threads >>>
 

Next Section
     About RIPE | Site Map | LIR Portal | About the RIPE NCC | Contact | © RIPE Community. All rights reserved.
RIPE.NET Homepage LIR Portal RIPE Community