Kashpureff Black List (REALLY AN OPERATIONAL QUESTION)
Jared Mauch
jared at puck.nether.net
Wed Jul 23 19:02:02 UTC 1997
Karl Denninger boldly claimed:
> On Wed, Jul 23, 1997 at 09:53:42AM -0400, Eric Germann wrote:
> > would an anti-kashpureff bgp feed fix the dns pollution problems similar to
> > the anti spam black list. If yes, is it collusion which would be
> > prosecutable? If no, what are the TECHNICAL reasons it wouldn't work.
> >
> > Eric
>
> No, because *ANY* nameserver which gets the pollution can then pollute you.
>
> Since you can't cut off EVERY nameserver with such a feed, it is pointless
> to attempt it.
Correct. The proper way to handle this is to install the
latest bind (8.1.1) or 4.9.6 (but 8.1.1 is better :), and it will
make it so folks can't inject bogon data into your nameservers.
- jared
--
----------------- jared at puck.nether.net - Nether Network ------------------
For a good time, look at http://www.izzy.net/~janc/tour/
For a worse time, look at http://puck.nether.net/
More information about the NANOG
mailing list