[AusNOG] Understanding lack of Aus connectivity to melbournefreeuniversity.org.

[McDonald Richards]

I think you're reading far too much into this.

If you spam, and you cause abuse tickets, your IP is probably going to get blocked.

If you host questionable content (and its not "controversial viewpoints" - I'm talking the stuff we all know should not even exist, let alone be on the web), your IP is probably going to get blocked.

If you run an open DNS resolver and you participate in DDOS activity, your IP is probably going to get blocked.

If you participate in port scanning activities and trigger alarms from overseas honeypots and dark nets, your IP is probably going to get blocked.

Most networks have acceptable usage policies, and if they don't, their upstream providers probably do. If activity on a shared host triggers any sort of alarms upstream, it's generally easier to act first and ask questions later to contain the amount of background noise we already have on an increasingly noisy Internet.

If your content is important and you're worried about impact to service due to shared hosting activity, put it on a dedicated host. You get what you pay for. Buyer beware. Etc etc.

They should be taking this up with their host, and their host with their NSPs. If the content is that important, move it to a new IP and update your DNS record.

There's no government conspiracy and nothing to see here.

Macca
Someone who blocks hosts that shit up the Internet from time to time





From: Danny O'Brien <danny at spesh.com<mailto:danny at spesh.com>>
Date: Saturday, 13 April 2013 12:56 PM
To: Nathan Nogic <nathan at mds.au.com<mailto:nathan at mds.au.com>>
Cc: "ausnog at lists.ausnog.net<mailto:ausnog at lists.ausnog.net>" <ausnog at lists.ausnog.net<mailto:ausnog at lists.ausnog.net>>
Subject: Re: [AusNOG] Understanding lack of Aus connectivity to melbournefreeuniversity.org.

On Fri, Apr 12, 2013 at 7:40 PM, Nathan Nogic <nathan at mds.au.com<mailto:nathan at mds.au.com>> wrote:
Hi Danny,

Re your question, absolutely, every carrier that has a telco licence is, by law, required to provide interception capabilities to comply with lawful direction from the courts or a number of law enforcement agencies as a condition of their telco licence. That also governs what they can and can’t say just like any other action taken on behalf of law enforcement or in compliance with a court order.

Just to be clear, again. I understand the procedure for an interception warrant, and the judicial oversight that takes place under those conditions, which are carefully spelled out in the Act.

What we're apparently talking about here, however, is an ad hoc government process to *block* an IP, which has no such clear process defined in law, has been an extremely controversial topic in Australia as elsewhere (leading to the recent abandonment of a proposed mandatory blacklist regime in favour of a voluntary ISP agreement), has clear risks of overreach and collateral damage (almost certainly what we're seeing here), and, it is being implied here, being conducted under the terms of a private agreement the details of which no-one has yet made public.

Was the judge in this case made aware of the collateral damage of the order they were signing? Was a judge involved at all? If it was solely the act of the Attorney-General, what is the process to ensure that this is proportional?

Even if the terms of this particular order are secret, it would seem to be extremely unlikely (and very worrying) if the process to conduct these blocks is entirely secret, and kept secret and separate from the pre-existing blacklist agreements. Is the process documented, as seems to be indicated by 314(3)? Can we see this documentation?

d.


At the risk of going off on a tangent, while I can understand why this debate stirs up emotion, what I’m keen to understand from members of this group is why, because it relates to the internet, the emotional response seems to be much greater than if a law enforcement organisation (or any organisation complying with a court order) enforces a legally binding request to do just about anything else that affects shared infrastructure in society at large.

My guess is that we feel that freedom of expression and access to information on the internet should override certain obligations (not saying I support mandatory filtering, etc), however, I suspect that we overlook countless incidents on a daily basis which now fall into the same ‘societal infrastructure’ category as the internet. On a daily basis Police shut down a roads to stop motorists getting to the scene of a crime or accident, restrict access to public or private premises for any number of reasons, tap phone lines to listen in on criminal organisations, etc but we don’t see the same sort of response. I suspect that’s because actions on these public utilities has become ingrained within society as part of our day to day lives and an accepted level of law enforcement action is considered normal for the safe and smooth running of society in general. I’m not sure this attitude has translated to the internet as yet (or ever will).

The facts that we know is that ultimately, we don’t know why or who the block was targeted at other than the IP address and why enforcement was only taken up by specific ISPs. That could have been haphazard filtering or it could have been targeted at certain end users. Without specific information, we don’t, and most probably will never, know any other circumstances surrounding the action and that is probably not going to change unless it gets to court and someone reads the transcripts (not me!) :).

Cheers

Nathan


From:ausnog-bounces at lists.ausnog.net<mailto:ausnog-bounces at lists.ausnog.net> [mailto:ausnog-bounces at lists.ausnog.net<mailto:ausnog-bounces at lists.ausnog.net>] On Behalf Of Danny O'Brien
Sent: Saturday, 13 April 2013 12:11 PM
To: Bevan Slattery

Cc: ausnog at lists.ausnog.net<mailto:ausnog at lists.ausnog.net>
Subject: Re: [AusNOG] Understanding lack of Aus connectivity to melbournefreeuniversity.org<http://melbournefreeuniversity.org>.

On Fri, Apr 12, 2013 at 6:28 PM, Bevan Slattery <bevan at slattery.net.au<mailto:bevan at slattery.net.au>> wrote:
Nope – wrong.  You get a notice to block.  You block or either get fined, go to jail or lose your carrier licence.  It is a blunt instrument and it is a condition of being at "the big boys table" i.e. you're a carrier or a carriage service provider.  You don't ask too many questions, you don't post it to Ausnog and have a decision by committee.  You block the IP address as you are required to by law and you do it immediately.


Bevan,

Just to clarify here: are you saying there is an established process under the Telecommunications Act whereby Internet ISPs in Australia have been required to block specific IPs by law enforcement, with a secrecy requirement attached? And that's it's separate from the voluntary, DNS, filter agreed to by some ISPs?

It would seem, given the extremely strong public reaction to the public filter proposals, that this might be something of a matter of public interest. At the very least, it would be hard to keep a list of /32 blackholes secret, given the number of people that BGP feed might be shared with. Are internal BGP route databases also covered by this secrecy requirement?

d.

<snip>


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20130413/d0e42a6a/attachment.html>