Obsolete bogon filtering

Mike Leber mleber at he.net
Thu Mar 10 22:03:28 UTC 2005


On Fri, 11 Mar 2005, Simon Lyall wrote:
> On Thu, 10 Mar 2005, Rob Thomas wrote:
> > Folks can keep up with the bogon filters through a wide variety of
> > means.  We have HTTP, DNS, RADb objects, RIPE NCC objects, and
> > text files.
> 
> I think this has been posted here more than a few dozen times. Perhaps a
> list of sites/Nocs that do not automate their updates could be kept so:
> 
> 1. People would have a list of phone numbers to call every time a change
> was made.
> 
> 2. People would have a list of sites that were known to be of less
> clue than most. This might help them make purchasing decisions in the
> future.

Hmmmm, one wonders if the static security template has over time become
responsible for more realized loss of connectivity than the attacks it
theoretically protects against.

Perhaps it should be distributed with only a martian and RFC1918 filter,
and not the unallocated space, if everybody knows that people apply it in
a write once configuration manner.

Mike.

+----------------- H U R R I C A N E - E L E C T R I C -----------------+
| Mike Leber           Direct Internet Connections   Voice 510 580 4100 |
| Hurricane Electric     Web Hosting  Colocation       Fax 510 580 4151 |
| mleber at he.net                                       http://www.he.net |
+-----------------------------------------------------------------------+




More information about the NANOG mailing list