Team Cymru / Spamhaus
SysIT
IT at SysAccess.net
Fri Jun 27 15:22:47 UTC 2014
That wont stop a DoS.
A DoS or DDoS is pure bandwidth wars for the most part, if someone is to DoS you, they already have your IP's and urls they need to attack you, thus a spam list won't stop an attack.
If you want to minimize actual spam, sure.
-----Original Message-----
From: NANOG [mailto:nanog-bounces at nanog.org] On Behalf Of Adam Greene
Sent: Friday, June 27, 2014 9:18 AM
To: 'NANOG list'
Subject: Team Cymru / Spamhaus
Hi all,
We're evaluating whether to add BGP feeds from these two sources in attempt to minimize exposure to DoS.
The Team Cymru BOGON list (
http://www.team-cymru.org/Services/Bogons/bogon-bn-nonagg.txt or
http://www.team-cymru.org/Services/Bogons/bogon-bn-agg.txt
)
looks promising and common-sense.
We already filter RFC1918 inbound at our edge, and are interested to see if adding the rest of the blocks will have a significant positive effect.
If it does, we're planning to try the IPv4 FULLBOGON list:
http://www.team-cymru.org/Services/Bogons/fullbogons-ipv4.txt
We're a little more leery about trying Spamhaus's BGPf service (DROP, EDROP and BCL,
http://www.spamhaus.org/bgpf/
)
because we really want to avoid false positives.
Just wondering if anyone has any words of caution ("False positives! Avoid FULLBOGONS and Spamhaus!"), or words of praise ("Do it all! These services are wonderful!") before we take the plunge.
Thanks,
Adam
More information about the NANOG
mailing list