BCP38 dismissal

Jo Rhett jrhett at netconsonance.com
Thu Sep 11 02:47:05 CDT 2008

On Sep 7, 2008, at 12:18 AM, Randy Bush wrote:
> normally i would have just hit delete.  but your ad hominem attack on
> the messenger needs a response.
> the reality of life is that he is correct in that "attack traffic comes
> from legitimate IP sources anyway."
> therefore, your first duty should be to keep your hosts from joining the
> massive army of botnets.

Having no hosts, I can't do much about that other than use various  
good best practices (including BCP38), run IDS units looking for  
compromised hosts, and respond quickly to each abuse report if my IDS  
doesn't observe it first.

Given that I know of no provider larger than us using BCP38 on every  
port, and no other provider larger than us that responds to every  
abuse report, it would appear that we are top of the class in that  

Therefore, when someone says "I don't need to do BCP38" because BCP38  
doesn't cause problems for them, I consider them a jerk.  And yeah, I  
feel pretty confident looking down my nose at someone like that.

Jo Rhett
Net Consonance : consonant endings by net philanthropy, open source  
and other randomness
