nanog mailing list archives

Re: Obsolete bogon filtering


From: Mike Leber <mleber () he net>
Date: Thu, 10 Mar 2005 14:03:28 -0800 (PST)



On Fri, 11 Mar 2005, Simon Lyall wrote:
On Thu, 10 Mar 2005, Rob Thomas wrote:
Folks can keep up with the bogon filters through a wide variety of
means.  We have HTTP, DNS, RADb objects, RIPE NCC objects, and
text files.

I think this has been posted here more than a few dozen times. Perhaps a
list of sites/Nocs that do not automate their updates could be kept so:

1. People would have a list of phone numbers to call every time a change
was made.

2. People would have a list of sites that were known to be of less
clue than most. This might help them make purchasing decisions in the
future.

Hmmmm, one wonders if the static security template has over time become
responsible for more realized loss of connectivity than the attacks it
theoretically protects against.

Perhaps it should be distributed with only a martian and RFC1918 filter,
and not the unallocated space, if everybody knows that people apply it in
a write once configuration manner.

Mike.

+----------------- H U R R I C A N E - E L E C T R I C -----------------+
| Mike Leber           Direct Internet Connections   Voice 510 580 4100 |
| Hurricane Electric     Web Hosting  Colocation       Fax 510 580 4151 |
| mleber () he net                                       http://www.he.net |
+-----------------------------------------------------------------------+


Current thread: