Where are static bogon filters appropriate? was: 96.2.0.0/16 Bogons

• Previous message (by thread): Where are static bogon filters appropriate? was: 96.2.0.0/16 Bogons
• Next message (by thread): Where are static bogon filters appropriate? was: 96.2.0.0/16 Bogons
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Jon Lewis wrote:
>
> On Thu, 1 Mar 2007, Chris L. Morrow wrote:
>
>> So, where are static bogon filters appropriate? (loaded question 
>> perhaps)
>> I ask because just about every 'security expert' and 'security 
>> whitepaper'
>> or 'security suggestions' has some portion that speaks to "why it's a
>> grand idea to have acl-lines/firewall-policy tp block 'bogon' ip space"
>> (for some definition of 'bogon' of course).
>
> I suppose they're appropriate when done by network security 
> consultants, as it guarantees future / repeat business.  :)
>
I'll second this opinion, As most of DDoS attacks are from  zombies, 
which are in registered networks.
Especially I did never see any traffic from so called bogons. Perhaps,  
bogon acls  are helpful when they are configured on backbone, but not 
everywhere.

just my 1E-10  cents :-)
--
With best regards,
    Gregory Edigarov

• Previous message (by thread): Where are static bogon filters appropriate? was: 96.2.0.0/16 Bogons
• Next message (by thread): Where are static bogon filters appropriate? was: 96.2.0.0/16 Bogons
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]