Team Cymru / Spamhaus

• Previous message (by thread): Team Cymru / Spamhaus
• Next message (by thread): Next steps in extortion case - ideas?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

+1, blanket banning is probably not the best way to go.

On 6/28/2014 午前 05:40, Jon Lewis wrote:
> On Fri, 27 Jun 2014, Adam Greene wrote:
>
>> We're evaluating whether to add BGP feeds from these two sources in 
>> attempt
>> to minimize exposure to DoS.
>>
>> The Team Cymru BOGON list (
>>
>> http://www.team-cymru.org/Services/Bogons/bogon-bn-nonagg.txt or
>>
>> http://www.team-cymru.org/Services/Bogons/bogon-bn-agg.txt
>
> These really won't do anything to stop DoS attacks. Common DDoS attack 
> traffic these days comes via reflection from non-spoofed sources 
> replying to a spoofed public IP target.
>
>> http://www.team-cymru.org/Services/Bogons/fullbogons-ipv4.txt
>
> Same here. Whether or not its worth null routing unallocated IP space 
> may be debatable, but again, it't not going to help protect you from a 
> typical real DDoS.
>
>> We're a little more leery about trying Spamhaus's BGPf service (DROP, 
>> EDROP
>> and BCL,
>>
>> http://www.spamhaus.org/bgpf/
>
> This is more about stopping spam from entering your network and 
> stopping compromised hosts on your network from becoming active in 
> botnets (by cutting off their command and control).
>
> ----------------------------------------------------------------------
> Jon Lewis, MCP :) | I route
> | therefore you are
> _________ http://www.lewis.org/~jlewis/pgp for PGP public key_________

• Previous message (by thread): Team Cymru / Spamhaus
• Next message (by thread): Next steps in extortion case - ideas?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]