Is it time to abandon bogon prefix filters?

Rob Thomas robt at cymru.com
Wed Aug 6 18:36:39 UTC 2008


Hi, Skywing.

We've had a few DDoS attacks and lots of scans and hack attempts.  Some 
of the DDoS attacks managed to wipe out our front-end.  At no point were 
the route-servers impacted, since we keep them well away from our 
networks, widely distributed, and vigorously monitored (configs, 
responsiveness, advertisements).

Of course we're not perfect and there is no 100% solution, but we 
understand the implications of filtering gone awry (especially since we 
use it ourselves), and spend a lot of time and code keeping an eye on 
these things.  Knowing that no one has a monopoly on imagination, we 
also have some friends at commercial pen-testers hit us regularly, just 
to be sure.  :)

Thanks,
Rob.
-- 
Rob Thomas
Team Cymru
http://www.team-cymru.org/
cmn_err(CEO_PANIC, "Out of coffee!");





More information about the NANOG mailing list