Home page logo
/

nanog logo nanog mailing list archives

Re: Remote email access
From: Michael.Dillon () radianz com
Date: Wed, 5 Feb 2003 09:04:08 +0000


Hence there is no space-efficient way of noting an authority
chain, other than entering every single IP address ever assigned, all in
one big data base.

Alas, that ain't feasible. 

I beg to differ. Essentially, the collective databases of the address 
registries are the data base that you describe. But...

At a minimum, it is essentially impossible to
keep such a database up to date.

You may be right. The ARIN, RIPE and APNIC databases are filled with junk, 
lies, and inaccuracies. On the face of it this seems to prove that it is 
impossible to keep the data up to date. However, since there has never 
been any significant effort to ensure that the databases are accurate and 
up to date, this could change.

If ARIN, RIPE and APNIC were to find some financial and political support, 
then I believe that they could provide a global authoritative database of 
all IP address ownership that was reasonably accurate and up to date. If 
this could be queried by a standard protocol such as LDAPv3 (Referral 
LDAP) then the distributed database could be queried in much the same way 
as the distributed DNS is.

What would be the point? Well, if my MTA receives a connection on port 25 
I could look up the source IP address in the LDAP directory to identify 
the owner. Since an LDAP directory can contain arbitrary information 
related to its entries, perhaps I could find out whether or not that 
source IP is registered as an SMTP server and also retrive the abuse email 
address of the organization who has registered this address.

--Michael Dillon




  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]