Is it time to abandon bogon prefix filters?

Sean Donelan sean at donelan.com
Wed Aug 6 13:01:30 CDT 2008


On Thu, 7 Aug 2008, Randy Bush wrote:
> serious curiosity:
>
> what is the proportion of bad stuff coming from unallocated space vs
> allocated space?  real measurements, please.  and are there longitudinal
> data on this?
>
> are the uw folk, gatech, vern, ... measuring?

Attacks or misconfigured leaks?

Leaks of RFC1918 stuff is pretty common, just ask any of the root server 
operators how many packets they see from RFC1918 leaking networks or do a
traceroute across several residential cable network backbones.

Attacks aren't as common because there is enough (not 100%) anti-spoofing 
(good) and/or bogon-filters (not as good) in different parts of the 
Internet it requires more thought to launch a spoofed DDOS than it does 
just to use tens of thousands of non-spoofed bots to launch a DDOS.

Arbor Networks has some data.




More information about the NANOG mailing list