RE: Is it time to abandon bogon prefix filters?

["Darden, Patrick S." <darden () armc org>]

1.  DOS of Cymru (as noted below).
2.  False Positives.  Your network is suddenly stranded.  Maybe on purpose. (DOS of a network, e.g. China or Youtube).
3.  False Negatives.  A bogus network is suddenly centrally rubber-stamped.  Could happen.  We've seen a lot of 
shenanigans with the domain registrars--similar issues could happen here.
.
.

I guess I am just trying to say that a centralized trusted repository brings with it a chance for a single point of 
failure.  Could be the pros outweigh the cons.  There are issues with a de-centralized system as well (which is what 
brought this conversation about.)  Nothing specific to Cymru.

--Patrick Darden


-----Original Message-----
From: Skywing [mailto:Skywing () valhallalegends com]
Sent: Wednesday, August 06, 2008 1:25 PM
To: Patrick W. Gilmore; NANOG list
Subject: RE: Is it time to abandon bogon prefix filters?


Then again, it does make Team Cymru an attractive target for DoS or even compromise if they can control routing policy 
to a degree for a large number of disparate networks.  Especially if it gets in the way of for-profit spammers.

(Not trying to knock them, just providing a for consideration.  I would certainly hope and expect that Team Cymru would 
do their due dilligance in that respect, but it seems like an attractive central point of failure to attack to me.)

- S