Is it time to abandon bogon prefix filters?
sean at donelan.com
Tue Aug 26 02:28:04 CDT 2008
On Sun, 24 Aug 2008, Tomas L. Byrnes wrote:
> You're missing one of the basic issues with bogon sources: they are
> often advertised bogons, IE the bad guy DOES care about getting the
> packets back, and has, in fact, created a way to do so.
> This is usually VERY BAD traffic, and EVEN WORSE if a user goes TO a
> site hosted in such IP space.
> So, Bogon filtering has value beyond mere spoofed source rejection.
Unmanaged (or semi-managed) routers probably should not be running
BGP or other exterior routing protocols. Unmanaged routers with BGP
provide more opportunities to create havoc and mischief.
More information about the NANOG