[arin-ppml] ARIN-prop-180 ISP Private Reassignment - intent to revise
Jimmy Hess
mysidia at gmail.com
Thu Aug 16 22:03:54 EDT 2012
On 8/16/12, Chu, Yi [NTK] <Yi.Chu at sprint.com> wrote:
[snip]
> As for the BULL, one can argue that banks do not have to put a sign telling
> where the vault is or the keys to the vault are on the front door either.
> But I guess all analogy is just analogy.
The difference, with WHOIS contact information, there is a safety
consideration, with regards to the public's ability to identify you
and reach technical contacts for your network, to correct problems or
put a stop to abuse.
Just because you want your bank to be secure, does not mean you may
remove all EXIT signs and post your guards at the main entrance.
If you are suggesting that WHOIS is a go-to resource for would-be
network intruders, I would say that's just totally naive... when a
simple DNS lookup finds the website, a simple DNS scan for
interesting names finds other hosts, and then there are public copies
of the internet routing table readily available to determine what
prefix is announced.
Your typical network intrusion starts with an insider visiting a
malicious website, or being the target of a social engineering attack.
The actual significant rsk I see WHOIS could in theory pose here, is
it can sometimes provide the real name and e-mail address of a
person, whom a black hat /might/ be able to impersonate, the
hacker might be able to fool another person in the organization into
divulging their password over the phone, by using caller id spoofing
and pretending to be the person listed in WHOIS....
--
-JH
More information about the ARIN-PPML
mailing list