Is it time to abandon bogon prefix filters?
Darden, Patrick S.
darden at armc.org
Wed Aug 6 17:32:42 UTC 2008
1. DOS of Cymru (as noted below).
2. False Positives. Your network is suddenly stranded. Maybe on purpose. (DOS of a network, e.g. China or Youtube).
3. False Negatives. A bogus network is suddenly centrally rubber-stamped. Could happen. We've seen a lot of shenanigans with the domain registrars--similar issues could happen here.
.
.
I guess I am just trying to say that a centralized trusted repository brings with it a chance for a single point of failure. Could be the pros outweigh the cons. There are issues with a de-centralized system as well (which is what brought this conversation about.) Nothing specific to Cymru.
--Patrick Darden
-----Original Message-----
From: Skywing [mailto:Skywing at valhallalegends.com]
Sent: Wednesday, August 06, 2008 1:25 PM
To: Patrick W. Gilmore; NANOG list
Subject: RE: Is it time to abandon bogon prefix filters?
Then again, it does make Team Cymru an attractive target for DoS or even compromise if they can control routing policy to a degree for a large number of disparate networks. Especially if it gets in the way of for-profit spammers.
(Not trying to knock them, just providing a for consideration. I would certainly hope and expect that Team Cymru would do their due dilligance in that respect, but it seems like an attractive central point of failure to attack to me.)
- S
More information about the NANOG
mailing list