Is it time to abandon bogon prefix filters?
Darden, Patrick S.
darden at armc.org
Wed Aug 6 12:32:42 CDT 2008
1. DOS of Cymru (as noted below).
2. False Positives. Your network is suddenly stranded. Maybe on purpose. (DOS of a network, e.g. China or Youtube).
3. False Negatives. A bogus network is suddenly centrally rubber-stamped. Could happen. We've seen a lot of shenanigans with the domain registrars--similar issues could happen here.
I guess I am just trying to say that a centralized trusted repository brings with it a chance for a single point of failure. Could be the pros outweigh the cons. There are issues with a de-centralized system as well (which is what brought this conversation about.) Nothing specific to Cymru.
From: Skywing [mailto:Skywing at valhallalegends.com]
Sent: Wednesday, August 06, 2008 1:25 PM
To: Patrick W. Gilmore; NANOG list
Subject: RE: Is it time to abandon bogon prefix filters?
Then again, it does make Team Cymru an attractive target for DoS or even compromise if they can control routing policy to a degree for a large number of disparate networks. Especially if it gets in the way of for-profit spammers.
(Not trying to knock them, just providing a for consideration. I would certainly hope and expect that Team Cymru would do their due dilligance in that respect, but it seems like an attractive central point of failure to attack to me.)
More information about the NANOG