Bogon filtering (don't ban me)
Mark Segal
MSegal at Corporate.FCIBroadband.com
Fri Dec 3 15:54:40 UTC 2004
Then you could also just get a connection to team cymru's bogon servers.
Works Perfectly for us. I have been peering with them from our sink
hole/black hole trigger router, for a while now, and I no longer need to
manually update the files.
More info here.
http://www.cymru.com/BGP/bogon-rs.html
Regards,
Mark
--
Mark Segal
Director, Network Planning
FCI Broadband
Tel: 905-284-4070
Fax: 416-987-4701
http://www.fcibroadband.com
> -----Original Message-----
> From: owner-nanog at merit.edu [mailto:owner-nanog at merit.edu] On
> Behalf Of David Barak
> Sent: December 3, 2004 10:08 AM
> To: J. Oquendo; nanog at nanog.org
> Subject: Re: Bogon filtering (don't ban me)
>
>
>
> --- "J. Oquendo" <sil at politrix.org> wrote:
>
> > I thought about it over and over, and wonder why this hasn't been
> > done.
> > Any care to beat me with a clue stick or two. I can understand the
> > arguments of not wanting a vendor to have control of some
> aspect of my
> > business, or control over my network, but correct me if I am wrong,
> > wouldn't this solve a heck of a lot of issues concerning
> network based
> > attacks, spam, scumware/spyware/fooware/$*something?
>
> Vendor C has something similar, in their "autosecure"
> feature. However, the trouble is that the list of bogon
> networks is static, and in fact includes 70/8 among many
> others. This is (I'm certain) contributing to the
> reachability issues that those folks with new netblocks experience.
>
> A better implementation would be for vendors to include a
> "bogon-subscribe server x.x.x.x" feature, which would simply
> allow a router to talk to a centralized bogon server.
>
> However, the complexity of setting up the real-time BGP bogon
> feeds is not that hard - anyone who would use the above
> command could do it - so I'm not sure that this requires any
> new tools.
>
> =====
> David Barak
> -fully RFC 1925 compliant-
>
>
>
> __________________________________
> Do you Yahoo!?
> Yahoo! Mail - now with 250MB free storage. Learn more.
> http://info.mail.yahoo.com/mail_250
>
>
More information about the NANOG
mailing list