Experiences with Spamhaus BGP DROP, EDROP and BGPCC BGP feeds

Curtis Doty Curtis at GreenKey.net
Thu Jan 16 21:06:14 UTC 2014

On Thu, Jan 16, 2014 at 11:04 AM, John Levine <johnl at iecc.com> wrote:

> If you're a tiny little network, you can
> use the public DNS servers for the BL lookups, and you can
> FTP the text version of DROP and turn in into firewall
> rules or whatever.  That's what I do (hack perl scripts
> available on request.)

Here's working Bash script to sync the freely available DROP/EDROP lists
into a quagga/linux route server. https://gist.github.com/dotysan/8463112

I ran that awhile back without issue. But not anymore. Last year I added
the $250/yr BOTNETCC list which is BGP-only. And it was too convenient to
move the DROP/EDROP lists into BGP for an additional $250.

It works as advertized. The BOTNETCC list is only v4/32s and more dynamic
than the other lists. It's up to you to set it up correctly so an accident
doesn't blackhole your own prefixes...or favorite offshore gambling site.


More information about the NANOG mailing list