Worst Offenders/Active Attackers blacklists

Edward B. DREGER eddy+public+spam at noc.everquick.net
Tue Jan 29 21:23:27 UTC 2008


PWG> Date: Tue, 29 Jan 2008 15:50:50 -0500
PWG> From: Patrick W. Gilmore

PWG> [Z]one transfers, while not as bad as individual lookups, are still
PWG> a bad idea IMHO.  For instance, are you sure you want your dynamic
PWG> filters 30 or 60 minutes out of date?

As opposed to infinitely out-of-date (i.e., no filters)?  Don't get me
wrong; I'm none too keen on using DNS to distribute IP ACLs.  I just am
nitpicking that one particular point.


PWG> BGP was discussed, but such feeds already exist and do not require a
PWG> firewall.

IMHO, this is better than anything DNS-based.  Using zone transfers is
like using RIP. *shudder*


Eddy
--
Everquick Internet - http://www.everquick.net/
A division of Brotsman & Dreger, Inc. - http://www.brotsman.com/
Bandwidth, consulting, e-commerce, hosting, and network building
Phone: +1 785 865 5885 Lawrence and [inter]national
Phone: +1 316 794 8922 Wichita
________________________________________________________________________
DO NOT send mail to the following addresses:
davidc at brics.com -*- jfconmaapaq at intc.net -*- sam at everquick.net
Sending mail to spambait addresses is a great way to get blocked.
Ditto for broken OOO autoresponders and foolish AV software backscatter.



More information about the NANOG mailing list