[anti-abuse-wg] whois access
Wilfried Woeber, UniVie/ACOnet Woeber at CC.UniVie.ac.at
Thu Dec 15 21:27:17 CET 2011
russ at consumer.net wrote: > I don't want to change anything, ...so I could stop reading? > I just want to get my site unblocked > from RIPE. ARIN has agreed that I have a legit need and has removed all > blocks. Fine, I'm sure ARIN had good reasons to act as they did, either favourably to your interests, or not, it simply doesn't matter in the RIPE Region. > After 13 years RIPE suddenly blocked me Sorry, the bulk access/harvesting prevention mechanisms have been in place for a *very* long time. So, I guess the "suddenly" is more likely to be related to a change in your query pattern and/or frequency, than to a change in the mechanisms. > and will not remove the > block no matter what explanation I give and they won't answer my > questions. Although I am not a native speaker, I think you are contradicting yourself within a single sentence? > They just tell me I have to change my queries to include a > "-r" I am in contact with the software vendor and I am trying to get > something done but I had no prior notice. I am getting complaints and > the following I have built up over 13 years is being lost. Even if I > can include the "-r" the abuse contact will no longer show up and people > are going to leave my site anyway. This is a major disaster for me and > I cannot get any of my questions answered from RIPE or ICANN/IANA. They > couldn't care less. Well - although this is formally outside the topic of discussion - looking at your style, approach and choice of words, I am not overly surprised... >>> As for passing through the IP of the requesters of the whois records I >>> have asked about this several times. ARIN told me they don't support >>> it and RIPE won't answer my inquiries. Are there standards for that >>> or any other information about setting up some sort of ip address >>> pass-through or proxy for whois queries for the RIR's? For the full set of 5 RIRs? My educated geuss would be: NO. >> That's because whois is one of the simplest protocols there is. For >> example, to get the details for 192.0.2.1, just telnet into port 43 of >> whois.ripe.net. As soon as the disclaimer comes up, type "192.0.2.1" >> followed by enter, and you get the results. >> >> Why would you want to mess up as simple a protocol as that with >> something like the X-Forwarded-For header in HTTP? >> >> RIPE can only see the IP you're connecting from, and it's doing a lot >> more traffic than a normal IP. If you have a legit need, they can and >> will give you bulk access for that ip. >> >> Niall. Wilfried. PS: and even I ( :-) ), or rather the lab where I am doing teaching this stuff, get blocked when we activate the triggers, for one reason or another. And that's how it is meant to work :-) PPS: regarding your contacts to entities "cleverly" circumventing the bulk access prevcention mechanisms, we'd be interested to get those leads, because there's a good chance that these parties are violating the "RIPE Database Terms and Conditions", aka AUP and need to be contacted.