Educause Security Discussion mailing list archives

Re: Protecting from phishing

From: Valdis Kletnieks <Valdis.Kletnieks () VT EDU>
Date: Tue, 20 Oct 2009 11:01:08 -0400

On Tue, 20 Oct 2009 08:33:41 EDT, Leo Song said:

adversely we often become victims of such trust, I am hoping something
could be done at network routing part, maybe BGP could have another
field called "reputation"


That gets tricky and messy *really* fast, because BGP routes on a per-AS
basis - and an AS can be *very* large.  We're AS1312, and we're *tiny*
at only 2 /16s of address space.  Do you *really* want to null-route all
of Comcast, or all of Sprint Business, or...

(The real gotcha is that if you're trying to use BGP to stop inbound
spam from Comcast, you'll suddenly discover that any of your users that
have Comcast cable will suddenly be unable to get to your webserver or
check their e-mail or...  The collateral damage sucks.)

Attachment: _bin
Description:

Current thread:

Protecting from phishing John LaPrad (Oct 19)
- <Possible follow-ups>
- Re: Protecting from phishing Joel Rosenblatt (Oct 19)
- Re: Protecting from phishing Paul Kendall (Oct 19)
- Re: Protecting from phishing Flynn, Gerald (Oct 19)
- Re: Protecting from phishing Jesse Thompson (Oct 19)
- Re: Protecting from phishing Leo Song (Oct 20)
- Re: Protecting from phishing Valdis Kletnieks (Oct 20)
- Re: Protecting from phishing Valdis Kletnieks (Oct 20)
- Re: Protecting from phishing John LaPrad (Oct 20)