nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Phishing and BGP Blackholing

From: "Fergie" <fergdawg () netzero net>
Date: Wed, 3 Jan 2007 07:12:28 GMT

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

One more thing:

If anyone thinks that fast-flux hosting isn't a problem, then you
haven't dealt with it.

I cannot imagine inject a /32 continuously into a BGP community-set.
That just sounds... insane.

More:
http://www.spamhaus.org/faq/answers.lasso?section=ISP%20Spam%20Issues#164

Cheers!

- - ferg




- -- "Fergie" <fergdawg () netzero net> wrote:

Instead of quoting earlier submissions, let me just add two
thoughts to this Bad Idea (tm):

(1) Proxy bypasses; and
(2) Fast-Flux place-shifters...

These are two hard problems, by themselves, although not impossible.
Having said that, injecting candidate host-routes into BGP (given
the already intolerable churn) is a horribly worse idea.

Good luck with all that...

- - ferg

-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.5.2 (Build 4075)

wj8DBQFFm1dTq1pz9mNUZTMRAgN2AJ0ZvWf0ikxt8dpmzdVjuRX5MmcEagCg668t
NNFPoVJlAH1cNvSaiY+DmT4=
=3zHg
-----END PGP SIGNATURE-----



--
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 fergdawg(at)netzero.net
 ferg's tech blog: http://fergdawg.blogspot.com/
Previous By Date Next
Previous By Thread Next

Current thread: