BGP hijack from 23724 -> 4134 China?

Danny McPherson danny at tcb.net
Thu Apr 8 21:17:52 CDT 2010


On Apr 8, 2010, at 8:05 PM, Brielle Bruns wrote:
> 
> Since there's been alot of requests for the ACLs, i've gone ahead and put the info on our wiki for easy access.
> 
> http://wiki.sosdg.org/sosdg:internal:chinafilter
> 
> Hope it comes in handy, and please let me know if i'm missing anything.

If you're going to post this and folks are actually going to consider 
employing it I suspect it'd be well worthwhile to include on that page 
how you generated it and how you keep it updated -- so that it can be 
updated by others as necessary.  

Additionally, folks should note that this policy would have made zero 
difference in this particularly incident, most of you likely realize that.  
Furthermore, a policy such as this does nothing to mitigate exfiltration 
of data TO those address blocks you've listed.

FWIW, this is a lot like putting a bandaid on a headache - it's not going 
to do much good in reality, and likely cause more harm than good in properly 
secured networks - but it might make some folks feel a little better.

-danny






More information about the NANOG mailing list