Is it time to abandon bogon prefix filters?

Sam Stickland sam_mailinglists at
Wed Aug 6 14:59:58 CDT 2008

Skywing wrote:
> Then again, it does make Team Cymru an attractive target for DoS or even compromise if they can control routing policy to a degree for a large number of disparate networks.  Especially if it gets in the way of for-profit spammers.
> (Not trying to knock them, just providing a for consideration.  I would certainly hope and expect that Team Cymru would do their due dilligance in that respect, but it seems like an attractive central point of failure to attack to me.)
Use a prefix list of existing bogons against the Team Cymru BGP feed. If 
they are hacked this limits the possible attacks to the following bounds:

1) They advertise no address space, and you end up with no bogon filtering.
2) They advertise all of the IPv4 address space, but your prefix list 
limits this to (an admittedly out-of-date) list of bogons.


To report this e-mail as SPAM, forward it to spam at

The information contained in this E-mail message, including any attached files transmitted, is confidential and may be legally privileged. It is intended only for the sole use of the individual(s) named above. If you are the intended recipient, be aware that your use of any confidential or personal information may be restricted by state and federal privacy laws. If you, the reader of this message, are not the intended recipient, you are hereby notified that you should not further disseminate, distribute, or forward this E-mail message. If you have received this E-mail in error, please notify the sender and delete the material from your computer system. This message is provided for information purposes and should not be construed as a solicitation or offer to buy or sell any securities or related financial instruments in any jurisdiction.

More information about the NANOG mailing list