Best practices inquiry: filtering 128/1

Patrick W. Gilmore patrick at
Tue Jul 11 03:00:49 UTC 2006

On Jul 10, 2006, at 10:56 PM, Jerry Pasker wrote:

>> Actually, I take that back.  Why wouldn't you just get a feed from  
>> Cymru <> ??
> Because you fear that their routers that distribute the feed could  
> become own3d and used to cause a massive DoS by filtering out some  
> networks?

Then use the static list, just be sure to update it frequently.

> You asked.   And I use their route feed.  :-)
> I figure it a problem occurs, 1)I won't be the only one that has  
> that problem 2)I'll hear about it on NANOG.
> I figure the minute risk is worth the convenience....the chances of  
> their routers getting 0wn3d are probably about the same as my  
> routers getting 0wn3d.  The chances of it happening aren't zero,  
> but probably pretty small.  Enough so that it sure beats editing  
> the BOGON list manually!

I'd guess the Cymru team is less likely to be hax0r'ed.  But that's  
just 'cause I'm afraid of them.  (Especially if Rob's had coffee  
recently.  Which means I'm always afraid of them. :)


More information about the NANOG mailing list