This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/ncc-services-wg@ripe.net/
[ncc-services-wg] RIPE50 - NCC Services WG Draft Minutes
- Previous message (by thread): [ncc-services-wg] RIPE50 - NCC Services WG Draft Minutes
- Next message (by thread): hostcount features [Re: [ncc-services-wg] RIPE50 - NCC Services WG Draft Minutes]
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Pavel Vachek
nic at ces.net
Mon Jun 27 15:36:47 CEST 2005
Dear Sir, let me second Mr. Hank Nussbacher's proposal. CESNET, the Czech Republic NREN, had been using the RIPE NCC hostcount data since 1997 for the same purpose. Its use is briefly described in the CESNET 1998 Annual report: http://www.cesnet.cz/doc/zprava1998/kap04.html (unfortunately, only the Czech language version seems to be available now). This data has been extremely useful for us as it helped us find organisations trying to misuse the CESNET IP space. Our access to the raw hostcount data stopped in January 2005 as well. Best regards, Pavel Vachek, CESNET NIC, Prague, The Czech Republic. On Mon, 27 Jun 2005, Hank Nussbacher wrote: > As someone who was not at RIPE50 but who uses hostcount, I would like to > add my comments and support. I find this service extremely useful. One > real world use is as follows: the university network in Israel has IP > addresses spanning a range of about 16 /16s. All domain names inside the > universities should terminate with ac.il or at the worst org.il. But > often students take a university Unix system that they have access to and > start using it for non-academic purposes (left as an exercise for the > reader to think of what constitutes non-academic :-)). Using grep on the > raw data file I can easily spot those systems that are running > questionable content based on their domain name (co.il for example). > > Sometimes, hackers change an IP address to some name that has certain > character strings that are unique to the hacker realm. By running a > series of greps on the raw data file I can find those systems that may > have been compromised and contact the appropriate ISP in Israel. > > So please - make hostcount work again. Incidentally, it stopped working > in Jan 2005. > > Regards, > Hank
- Previous message (by thread): [ncc-services-wg] RIPE50 - NCC Services WG Draft Minutes
- Next message (by thread): hostcount features [Re: [ncc-services-wg] RIPE50 - NCC Services WG Draft Minutes]
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]