Analysis on poor reputation of the italian Public Administration websites

Pubblica Amministrazione - valutazione rischi e beneficiWebsites, spam and blacklists: how do they correlate? Everyone could argue that a broken website can (hacked or not) send junk mail, therefore be marked as spam-sending and as a consequence listed in one or more blacklists. Fair enough.

When speaking about Public Administration I would expect an accurate and precise control over every resource involved in providing e-services to citizens. You can read my previous articles on other aspects of italian Public Administrations on-line presence.

This time I want to verify how ICT teams responsible for delivering public services in a reliable manner deal with a pretty simple task: keeping their websites off the blacklists.

What we tried to do is a research on the websites of italian Public Administrations. So, between November 22 and December 4 2015, we examined 8.195 hosts and generated almost 600,000 queries to 73 blacklists servers.

Our findings show that out of 8,195 different hosts, 881 are listed in one or more blacklists (it’s 10.75%).

Public Administration Blacklists percentage

The high scored blacklists are BarracudaCentral (273 hits), RATS (218 hits), spamcannibal and SORBS-SPAM (166 hits each), dnsbl.sorbs.net (145 hits).

Public Administration - Blacklists hits

Where are those websites placed? Well, here is the top of the list according to our study:

the first provider hosting at least 165 blacklisted PA IPv4 is Fastweb:

aut-num: AS12874
as-name: FASTWEB
descr: Fastweb SpA
remarks: Fastweb Autonomous System
remarks: Milano - Italy

The second, with at least 152 blacklisted PA IPv4 is Aruba:

aut-num: AS31034
as-name: ARUBA-ASN
descr: Aruba S.p.A.
org: ORG-Ts9-RIPE

On the third step of the podium, Regione Veneto with at least 107 blacklisted PA IPv4:

aut-num: AS41651
as-name: ASN-RVE
descr: Regione del Veneto
descr: National AS
org: ORG-RV3-RIPE

Wooden medal for Telecom Italia who hosts at least 87 blacklisted PA IPv4:

aut-num: AS3269
as-name: ASN-IBSNAZ
descr: Telecom Italia S.p.a.
org: ORG-IA34-RIPE

aut-num: AS20959
as-name: Telecom-Italia-Data-Com
descr: Telecom Italia S.p.A.
remarks: This AS Number will be used by the Datacom Network.
At the moment Data.Com is a Business Unit of the
TELECOM ITALIA Group and operates on all the Italian
territory in the field of wireline access services
(frame Relay, IP, xDsl, ecc...).

aut-num: AS20746
org: ORG-TIS3-RIPE
as-name: ASN-IDC
descr: Telecom Italia S.p.A.
descr: T.NO.OM.I.NC
descr: Network Operations Center

It’s worth noting that inside Telecom Italia IPv4 address space there are huge slices delegated to different organizations, for example a whole /24 to AMMINISTRAZIONE PROVINCIALE MACERATA (195.223.142.0/24).
That’s a quite interesting case because we found 56 blacklisted IPv4 all belonging to that /24. So Telecom Italia is not fully responsible for that.

Public Administration - AS with PA blacklisted IPv4

Honestly, I suspected that some of those websites could gain a poor reputation on the net, mainly because of weak software, lack of security habits, incompetence of operators or managers. But they outperform any reasonable forecast with that 10.75%.

[Raw data: https://www.prado.it/wp-content/uploads/PA-hosts-blacklists.tar.bz2]

Creative Commons License
Analysis on poor reputation of the italian Public Administration websites by Antonio Prado is licensed under a Creative Commons Attribution-ShareAlike 4.0 International

Leave a Reply