This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/[email protected]/
[ncc-services-wg] That's So Meta (was Re: New on RIPE Labs: RIPE NCC and the Cloud - Let’s Start Again)
- Previous message (by thread): [ncc-services-wg] That's So Meta (was Re: New on RIPE Labs: RIPE NCC and the Cloud - Let’s Start Again)
- Next message (by thread): [ncc-services-wg] New on RIPE Labs: RIPE NCC and the Cloud - Let’s Start Again
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
jorma at jmellin.net
jorma at jmellin.net
Wed Jun 23 14:19:49 CEST 2021
FYI APNIC left a dump from its Whois SQL database in a public Google Cloud bucket https://www.theregister.com/2021/06/22/apnic_whois_data_exposed/ The Asia Pacific Network Information Centre (APNIC), the internet registry for the region, has admitted it left at least a portion of its Whois SQL database, which contains sensitive information, facing the public internet for three months. Jome ---- jorma at jmellin.net Quoting Shane Kerr <shane at time-travellers.org>: > Nick, > > On 22/06/2021 23.50, Nick Hilliard wrote: >> Patrik Fältström wrote on 22/06/2021 21:23: >> >> With regard to the ripe database and the rpki repo, it doesn't look like >> there are any specific legal issues that haven't been considered. >> All of this information is publicly accessible anyway. There may >> well be a different set of considerations for other types of data. > > I don't think that is is okay to say "this information is publicly > accessible anyway". On a RIPE Database or RPKI server there is > meta-data about *who* is accessing the database, including > timestamps, source addresses, and possibly other data. There is also > meta-data about *what queries* are made to the database. There also > things to be learned about replication delays between servers, and > surely a lot more that might be of interest to creative folks. > > I don't know about now, but at one point there were firewalls and/or > intrusion-detection systems that would query the RIPE Database to > give the admin information about the source of suspicious traffic. > An attacker trying to penetrate a network might be able to identify > which security products were in use if given unrestricted access to > WHOIS query logs. I'm not saying this is a likely scenario, I'm > saying we should be cautious about declaring access to data safe. > Humans (and increasingly AI) are ingenious about ways to use systems > in unintended ways. > > As a thought experiment to try to demonstrate the idea, how would > you feel about a proposal to provide public access to complete > system logs of all RIPE Database servers? If that makes you nervous > in any way - and I think that it should! - then this is exactly why > we should consider the operators hosting RIPE Database (and RPKI) > resources important. > > Cheers, > > -- > Shane
- Previous message (by thread): [ncc-services-wg] That's So Meta (was Re: New on RIPE Labs: RIPE NCC and the Cloud - Let’s Start Again)
- Next message (by thread): [ncc-services-wg] New on RIPE Labs: RIPE NCC and the Cloud - Let’s Start Again
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]