Experiences with Spamhaus BGP DROP, EDROP and BGPCC BGP feeds

• Previous message (by thread): Experiences with Spamhaus BGP DROP, EDROP and BGPCC BGP feeds
• Next message (by thread): Qwest Contact?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, Jan 16, 2014 at 11:04 AM, John Levine <johnl at iecc.com> wrote:

> If you're a tiny little network, you can
> use the public DNS servers for the BL lookups, and you can
> FTP the text version of DROP and turn in into firewall
> rules or whatever.  That's what I do (hack perl scripts
> available on request.)
>

Here's working Bash script to sync the freely available DROP/EDROP lists
into a quagga/linux route server. https://gist.github.com/dotysan/8463112

I ran that awhile back without issue. But not anymore. Last year I added
the $250/yr BOTNETCC list which is BGP-only. And it was too convenient to
move the DROP/EDROP lists into BGP for an additional $250.

It works as advertized. The BOTNETCC list is only v4/32s and more dynamic
than the other lists. It's up to you to set it up correctly so an accident
doesn't blackhole your own prefixes...or favorite offshore gambling site.
:-p

../C

• Previous message (by thread): Experiences with Spamhaus BGP DROP, EDROP and BGPCC BGP feeds
• Next message (by thread): Qwest Contact?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]