Team Cymru / Spamhaus
Paul S.
contact at winterei.se
Sat Jun 28 02:25:09 UTC 2014
+1, blanket banning is probably not the best way to go.
On 6/28/2014 午前 05:40, Jon Lewis wrote:
> On Fri, 27 Jun 2014, Adam Greene wrote:
>
>> We're evaluating whether to add BGP feeds from these two sources in
>> attempt
>> to minimize exposure to DoS.
>>
>> The Team Cymru BOGON list (
>>
>> http://www.team-cymru.org/Services/Bogons/bogon-bn-nonagg.txt or
>>
>> http://www.team-cymru.org/Services/Bogons/bogon-bn-agg.txt
>
> These really won't do anything to stop DoS attacks. Common DDoS attack
> traffic these days comes via reflection from non-spoofed sources
> replying to a spoofed public IP target.
>
>> http://www.team-cymru.org/Services/Bogons/fullbogons-ipv4.txt
>
> Same here. Whether or not its worth null routing unallocated IP space
> may be debatable, but again, it't not going to help protect you from a
> typical real DDoS.
>
>> We're a little more leery about trying Spamhaus's BGPf service (DROP,
>> EDROP
>> and BCL,
>>
>> http://www.spamhaus.org/bgpf/
>
> This is more about stopping spam from entering your network and
> stopping compromised hosts on your network from becoming active in
> botnets (by cutting off their command and control).
>
> ----------------------------------------------------------------------
> Jon Lewis, MCP :) | I route
> | therefore you are
> _________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
More information about the NANOG
mailing list