Dns-operations mailing list

[Jeff Taylor <shdwdrgn AT sourpuss.net>]

Realtime updating ALSO relies on the client registering their new IP as 
soon as they receive it.
I wonder if we can configure something that gives some leeway for 
filtering... for instance allow a new IP access for 5 minutes, after 
which time they need to be listed to continue using that server?


On 02/12/2014 05:23 AM, Hunter 9999 wrote:
> > Am 12.02.2014 um 06:49 schrieb Jeff Taylor <shdwdrgn AT sourpuss.net>:
> >
> > FYI the list of registered IPs is global, so you don't have to specify which 
> > T2 servers you are using... they will all read from the same data.
> I mean to update the used servers on the users system, for auto use i.E. the 
> fastes servers for the users system or if one get offline.
> You should config if you want to use logging servers and specify an 
> server-country if you want.
> Additionally it should check if you are able to use whitelisting servers and 
> filter them out if not.
>
> > Currently, yes, there is a 15-minute lead for updates.  However on my to-do 
> > list is looking for a method of getting real-time updates. There are 
> > possibilities with wget (only grab the file if it is newer than the existing 
> > file, in which case refresh BIND), but I haven't had any time to investigate 
> > any options yet.
> Without realtime updating you break the internet access and couldn't work for 
> that time.
> As an fallback you could use an not whitelisting server for that time but 
> this should by done by an automated process as above mentioned.
>
>
> > > On 02/11/2014 02:32 PM, Hunter 9999 wrote:
> > > The best would be to offer ready to use daemons with installer for all OSs 
> > > (as promoted option).
> > > One daemon to update the whitelisting and one for updating the used T2s.
> > > It could use an combined installer where you can choose what to install.
> > >
> > >
> > > Something else:
> > > Is it right, that if my ip changes every night at 4am, that I can't resolve 
> > > DNS querys up to 4:15am due to the whitelist update every 15 minutes?
> > >
> > >
> > > > Am 11.02.2014 um 17:57 schrieb Jeff Taylor <shdwdrgn AT sourpuss.net>:
> > > >
> > > > I didn't realize there was a discussion going on already!  Sorry I'm late to 
> > > > the party...
> > > >
> > > > If a server only allows whitelisting, then the bots will go away over time.  
> > > > Eventually opennic may go to only using whitelisting because of the benefits 
> > > > from attacks.  Users should also realize that a whitelisted server will be 
> > > > *faster* because they will have more bandwidth free to answer legitimate 
> > > > queries.
> > > >
> > > > Regarding the matter of distinguishing the servers using whitelisting... 
> > > > There should definitely be a flag on the wiki page signifying if a server is 
> > > > using whitelisting or not, and that flag could be used for sorting the list.  
> > > > Additionally, we will have to revise our listings of 'nearest servers' to 
> > > > allow users to make a choice between whitelisted and fully-open servers (with 
> > > > the full-open servers being the default view).
> > > >
> > > > And of course we will need to write some wiki how-to pages to show people how 
> > > > to register their IP on various platforms.  This project is still getting off 
> > > > the ground, it will take some time to get everything set up.  However for 
> > > > anyone wondering how they can contribute, it would be great if anyone wants 
> > > > to start working on documentation.  Linux and Mac users should be easy... 
> > > > simply adding a cron job that runs hourly or at boot...  Windows will be more 
> > > > involved, installing wget and setting up a scheduled task (or if anyone has 
> > > > alternate ideas?) and will require screenshots of the various steps.  We also 
> > > > need a front page in the wiki to lay out the benefits of whitelisting, and 
> > > > discuss the measures put in place to protect a user's privacy.
> > > >
> > > >
> > > > > > On 02/10/2014 07:24 PM, Quinn Wood wrote:
> > > > > > On Mon, Feb 10, 2014 at 7:37 PM, Guillaume Parent <gparent AT gparent.org> wrote:
> > > > > > The point is not to punish people who wish to protect their servers, but to
> > > > > > not confuse users who are sometimes already so technically challenged that
> > > > > > they have no idea what to do with the IP in the first place.
> > > > > I guess at this junction, it's a question of whether or not we value a
> > > > > large userbase more than educating a small userbase.
> > > > >
> > > > > ----
> > > > > To unsubscribe, email dns-operations-unsubscribe AT lists.opennicproject.org
> > > > ----
> > > > To unsubscribe, email dns-operations-unsubscribe AT lists.opennicproject.org
> > > ----
> > > To unsubscribe, email dns-operations-unsubscribe AT lists.opennicproject.org
> >
> > ----
> > To unsubscribe, email dns-operations-unsubscribe AT lists.opennicproject.org
> ----
> To unsubscribe, email dns-operations-unsubscribe AT lists.opennicproject.org