[AusNOG] Confirmation of govt blackholing. Was: Re: Understanding lack of Aus connectivity to melbournefreeuniversity.org.

PRK ausnog at digitaljunkie.net
Thu May 16 18:00:46 EST 2013


 

Out of curiosity, when the request to block an IP address comes
through, how should the ISP determine whether it contains thousand of
law abiding websites, child abuse material, or whatever? 

If all you have to start with is an IP Address, you're a little limited
in what non intrusive checking you can do - whois database and PTR
lookup are the only obvious ones which spring to mind, although you
could probably get away with a traceroute, but not an nmap or similar
scan. 

In the case of 103.15.178.29 (the A record for
melbournefreeuniversity.org), there is no PTR entry, a traceroute goes
to mel.racknet.net.au then stops, and the whois is for Echoman Pty Ltd,
which I must admit I haven't heard of. 

I can quite easily see how an ISP could block that IP on request,
without any easy ability to determine the collateral damage in order to
know whether it was a reasonable request or not. 

Being able to determine "reasonable" would also depend if the notice
gave the reason for blocking the website - ie scam, or whether it's just
an s313 notice with no reason given. 

prk. 

On 2013-05-16 08:41, Mark Newton wrote: 

> A section 313 notice isn't an order, it's a request for reasonable assistance which can be denied. If the requester doesn't like the denial, they get to ask the Federal Court for an order to compel. In the absence of such an order, a recipient of a notice who says "No, it is not reasonable to block thousands of law abiding websites just because you have an unproven allegation that someone on the internet is running a scam," is on stable ground.

 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20130516/bc094aba/attachment.html>


More information about the AusNOG mailing list