Blackholing APNIC Routes (or a subset of)

Eric Germann ekgermann at cctec.com
Tue Nov 5 20:22:36 UTC 2002


Anyone want to admit privately (I'll summarize to the list) if they actively
filter certain partitions of APNIC space?

We did a little experiment the past couple of days and saw at 85% of our
port 13[5-9] scans, Code Red/Nimda/formmail attempts, etc. go out the door
by blackholing those networks in .cn and .kr.

Thoughts?  Is it a valid thesis?  I've seen the discussions for spam
mitigation, etc via DNS, but this is actually null routing all their
traffic.

Eric



==========================================================================
  Eric Germann                                        CCTec
  ekgermann at cctec.com                                 Van Wert OH 45801
  http://www.cctec.com                                Ph:  419 968 2640
                                                      Fax: 603 825 5893

"The fact that there are actually ways of knowing and characterizing the
extent of one’s ignorance, while still remaining ignorant, may ultimately be
more interesting and useful to people than Yarkovsky"

  -- Jon Giorgini of NASA’s Jet Propulsion Laboratory
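
Added example, not part of the original post: one way to test the thesis before null routing anything is to replay already-classified logs against the candidate prefix list and compare the share of probes dropped with the share of wanted traffic dropped. The log format, the function name and the prefixes (RFC 5737 documentation ranges) are all constructed for illustration.

```python
import ipaddress
import re

# Candidate null-route list. Documentation prefixes stand in for real
# allocations; they are constructed, not taken from the post.
CANDIDATE_PREFIXES = ["198.51.100.0/24", "203.0.113.0/25"]

# Constructed log lines in a hypothetical "src= dport= class=" format.
SAMPLE_LOG = """\
src=198.51.100.7 dport=135 class=probe
src=198.51.100.9 dport=139 class=probe
src=203.0.113.20 dport=80 class=probe
src=203.0.113.99 dport=137 class=probe
src=192.0.2.44 dport=138 class=probe
src=203.0.113.200 dport=80 class=probe
src=198.51.100.50 dport=25 class=legit
src=192.0.2.10 dport=25 class=legit
src=192.0.2.11 dport=80 class=legit
src=bogus dport=80 class=probe
"""

LINE_RE = re.compile(r"src=(\S+) dport=(\d+) class=(probe|legit)")

def blackhole_impact(log_text, prefixes):
    """Return per-class totals, drops and drop share for a prefix list."""
    nets = [ipaddress.ip_network(p) for p in prefixes]
    totals = {"probe": 0, "legit": 0}
    dropped = {"probe": 0, "legit": 0}
    skipped = 0
    for line in log_text.splitlines():
        m = LINE_RE.fullmatch(line.strip())
        try:
            src = ipaddress.ip_address(m.group(1)) if m else None
        except ValueError:
            src = None
        if src is None:          # unparsable line: count it, do not guess
            skipped += 1
            continue
        label = m.group(3)
        totals[label] += 1
        if any(src in n for n in nets):
            dropped[label] += 1
    share = {k: (dropped[k] / totals[k] if totals[k] else 0.0) for k in totals}
    return {"totals": totals, "dropped": dropped, "share": share, "skipped": skipped}

if __name__ == "__main__":
    print(blackhole_impact(SAMPLE_LOG, CANDIDATE_PREFIXES))
```

The "legit" share is the collateral cost of the blackhole; a high probe share with a non-trivial legit share argues for narrower prefixes or port-level filtering instead.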