This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/[email protected]/
[members-discuss] My Question To All LIR Members
- Previous message (by thread): [members-discuss] My Question To All LIR Members
- Next message (by thread): [members-discuss] My Question To All LIR Members
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Hank Nussbacher
hank at efes.iucc.ac.il
Wed May 28 17:52:50 CEST 2014
At 10:41 28/05/2014 +0100, Edward Dore wrote: No geo-database is perfect. For example, take RIPE. If we use: ftp://ftp.ripe.net/pub/stats/ripencc/delegated-ripencc-latest ftp://ftp.ripe.net/pub/stats/ripencc/RIR-Statistics-Exchange-Format.txt Note they add a disclaimer which wasn't there in Feb 2012: cc = ISO 3166 2-letter country code, and the enumerated variances of {AP,EU,UK} These values are not defined in ISO 3166 but are widely used. The cc value identifies the country. However, it is not specified if this is the country where the addresses are used. There are no rules defined for this value. It therefore cannot be used in any reliable way to map IP addresses to countries Only after I complained did they add that line in. Why? Many companies used that info to do geolocation. Including a two major firewall vendors. So when a number of local companies in Israel decided to stop foreign based attacks by turning on "geo-location" in their f/w and allow only Israel based IPs to access their systems (think banks, insurance companies, municipalties, etc.), guess what happened to all of academia who have their IP ranges listed as country=EU due to ERX transfer from ARIN to RIPE. Yup! Professors were no longer able to access their pension fund info, students were unable to pay their municipal taxes - all because of geo-location. Took me weeks to find each and every one and get the sysadmin to fix their broken geo-location service. And to get the f/w vendors to fix their broken geo-location database pull. I had similar issues with Maxmind since Ookla was/is using them and returning incorrect info. I sent multiple correction reports to correction at maxmind.com and support at maxmind.com and never even received a response. So consider yourself lucky that you are getting responses from them. Bottom line: geo-location sucks and anyone who trusts their systems to it are only thinking along 98% perfection - rather than having a 100% perfect solution. -Hank >The RIPE database is not primarily concerned with GeoIP data, it is a >registry of who specific IP address blocks are allocated to and how they >can be contacted. > >MaxMind may draw some of their GeoIP data from the the RIR databases, but >they also get a lot of it from elsewhere, which allows them to be more >specific than just the country code contained in the RIPE database. > >Additionally, the RIPE database manual states the following for the >"country" field in the "inetnum" object: > >>"It has not been specified what this country means. It cannot therefore >>be used in any reliable way to map IP addresses to countries" > >As a customer of MaxMind, I depend on them providing me with accurate, >useful information about the location and use of IP addresses for fraud >screening etc. If MaxMind were to draw that information only from the RIPE >database, then not only would MaxMind be pointless (as I could just get >the information directly from RIPE) but the accuracy would be >significantly reduced (country level instead of city level) and it would >be easy for people to game the system simply by changing their objects in >the RIPE database to contain false information. > >MaxMind do not "make up" their information, they calculate it from >multiple sources and this is what MaxMind customers are buying - data >derived from multiple sources and processed by MaxMind's algorithms. > >Obviously these algorithms are never going to be 100% accurate, which is >why if people believe that the data contained in the MaxMind database is >inaccurate then they can submit suggestions for corrections which MaxMind >will then evaluate. MixMind are under no obligation to use any corrections >submitted and are quite right to reject them if they believe that they are >inaccurate or misleading for any reason. > >Accuracy of their database is important to MaxMinds' customers and thus to >MaxMind. If their database is largely inaccurate, then it is useless to >their customers and MaxMind will lose business as a result. Obviously it >is therefore in MaxMind's best interest to keep their database as accurate >and up to date as possible. > >As for the open proxy vs VPN, I can completely understand why MaxMind >could detect VPNs as open proxy servers and as a user of their minFraud >service I would expect to treat the two in exactly the same way because >they are providing an identical function - to obscure the location and >details of the end user. > >Edward Dore >Freethought Internet > >On 28 May 2014, at 10:02, ><mailto:admin at intl-alliance.com>admin at intl-alliance.com wrote: > >>I depend on Maxmind using data obtained from a central registry. If all >>ip tracing websites created their own databases with information they >>made up, we wouldn't bother with the RIPE database any more because it >>would become obsolete. We depend on ip tracing websites to gather their >>information from authority sites, not the garbage they produce on their >>own. And I'm only interested, as well as my end-users, of seeing ip >>information that I've registered in the appropriate places. Simply >>stating that "we're only interested in end-user locations" rather than >>ip registration data, sits badly in my mind. And it has also caught the >>attention of the RIPE NCC itself, which just sent me the following email >>regarding this situation: >> >>Dear Jared, >> >>Thank you for your email. >> >>We value your concern about correct registration details for internet >>resources. >> >>However the RIPE NCC has no authority on how private companies compile >>their data and how much they take information from the RIPE database in >>account. >>Did you contacted MaxMind directly and informed them about the >>mismatching information they provide? Because finally if information are >>incorrect then this is not only damaging companies like yours but also >>the reputation of the providers of this data. >> >>And I will forward your observation to my colleagues from the >><http://stat.ripe.net>stat.ripe.net team as there for Geolocation we are >>using data from >>MaxMind. >><https://stat.ripe.net/193.0.20.0#tabId=geo>https://stat.ripe.net/193.0.20.0#tabId=geo >> >>Then my colleagues will check if there could be any conflicting >>information in our own tools. >> >>-- >>Thank you again for bring up this topic. >> >>Kind regards, >> >>Marco Schmidt >>RIPE NCC >> >> >>On 2014-05-28 09:52, Alfredo Sola wrote: >>>>That thought was kind of pointless after they refused to help. I've >>>>spent hours on their site manually updating all of their inaccuracies >>>>over the past few years. From one month to the next they can screw up >>>>entire ranges with their monthly updates. My networks do not run >>>>proxies >>>>period. I run vpn services and remote desktops, but never proxies. And >>>>vpn services cannot be classified the same as open proxies as they are >>>>totally different. >>> >>>I think your issue is more a business model problem than a registry >>>or IP problem. >>> >>>What you are saying is that you depend on Maxmind providing the >>>location of your VPN servers / remote desktop servers rather than the >>>location of users computers connected to them. Maxmind, on the other >>>hand, is saying that they provide the location of users if they can, >>>or will mark the location as unknown. >>> >>>So your business model depends on Maxmind agreeing to provide to >>>their customers something which is not what they pay to obtain. And >>>they refuse. I personally don't think they can be blamed for that, but >>>that's something between your company and Maxmind. And nothing in this >>>has to do with RIPE. >> >>---- >>If you don't want to receive emails from the RIPE NCC members-discuss >>mailing list, please log in to your LIR Portal account and go to the >>general page: >>https://lirportal.ripe.net/general/ >> >>Click on "Edit my LIR details", under "Subscribed Mailing Lists". From >>here, you can add or remove addresses. > >---- >If you don't want to receive emails from the RIPE NCC members-discuss >mailing list, please log in to your LIR Portal account and go to the >general page: >https://lirportal.ripe.net/general/ > >Click on "Edit my LIR details", under "Subscribed Mailing Lists". From >here, you can add or remove addresses.
- Previous message (by thread): [members-discuss] My Question To All LIR Members
- Next message (by thread): [members-discuss] My Question To All LIR Members
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]