Team Cymru / Spamhaus

• Previous message (by thread): Team Cymru / Spamhaus
• Next message (by thread): Team Cymru / Spamhaus
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

That wont stop a DoS.

A DoS or DDoS is pure bandwidth wars for the most part, if someone is to DoS you, they already have your IP's and urls they need to attack you, thus a spam list won't stop an attack.

If you want to minimize actual spam, sure.

-----Original Message-----
From: NANOG [mailto:nanog-bounces at nanog.org] On Behalf Of Adam Greene
Sent: Friday, June 27, 2014 9:18 AM
To: 'NANOG list'
Subject: Team Cymru / Spamhaus

Hi all,

 

We're evaluating whether to add BGP feeds from these two sources in attempt to minimize exposure to DoS.

 

The Team Cymru BOGON list (

http://www.team-cymru.org/Services/Bogons/bogon-bn-nonagg.txt or

http://www.team-cymru.org/Services/Bogons/bogon-bn-agg.txt

)

looks promising and common-sense. 

 

We already filter RFC1918 inbound at our edge, and are interested to see if adding the rest of the blocks will have a significant positive effect.

 

If it does, we're planning to try the IPv4 FULLBOGON list:

 

http://www.team-cymru.org/Services/Bogons/fullbogons-ipv4.txt

 

We're a little more leery about trying Spamhaus's BGPf service (DROP, EDROP and BCL, 

 

http://www.spamhaus.org/bgpf/

)

 

because we really want to avoid false positives. 

 

Just wondering if anyone has any words of caution ("False positives! Avoid FULLBOGONS and Spamhaus!"), or words of praise ("Do it all! These services are wonderful!") before we take the plunge.

 

Thanks,

Adam

• Previous message (by thread): Team Cymru / Spamhaus
• Next message (by thread): Team Cymru / Spamhaus
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]