Tag Archive for: DNSBL

Servers have reputations too

Many have compared the Internet to the wild west.  While there may well be cowboys it is certainly true that your server is viewed by the company that it keeps.  It seems that people spend a lot of time looking after their own online reputation and very little looking after the reputation of their infrastructure.

A standard part of our SysAdmin service is to setup reputation alerts for your domain names and IP addresses.  Last week one of the servers we manage for a client was added to a realtime blacklist (RBL).  Blacklists are used to identify places online that are unsafe.  This could be spammers, malware or porn. We were convinced that our customer had none of these issues so we contacted the blacklist to find that they had actually blacklisted an entire subnet which included our server.  They had noticed a large amount of spam coming from a number of machines around ours and had quite correctly wanted to blacklist them.  Our server was “collateral damage”.

Thankfully the blacklist in question removed our server very quickly but it does show that just like real life, all the hard work that goes into keeping your house safe and secure can be tarnished quite easily by having bad neighbours.

Things to remember when setting up infrastructure:
  • Your domain name has a reputation as well as your IP address.  You should monitor both.
  • A good free place to monitor IP addresses is Project Honey Pot.
  • A good free place to monitor web domain issues (http only) are Google Webmaster Tools.
  • If you are running a mailserver you should monitor realtime blocklists too.
  • The ISP that hosts your equipment is responsible for the neighbours you keep.
  • Server reputation can also include response time.  Ensuring a low latency connection is essential.
Reputation monitoring is an important part of our SysAdmin service.  We monitor your equipment so you don’t have to.

Feature image – “Storage Servers” by grover_net is licensed under CC BY ND 2.0