nanog mailing list archives

Re: RBL-type BGP service for known rogue networks?

From: Mark Mentovai <marklist () ggn net>
Date: Thu, 6 Jul 2000 19:35:19 -0400 (EDT)


Dan Hollis wrote:

The BL wouldnt try to block floods or DoS attacks. Its aim is to block
sites which originate breakins.


If break-ins is what you're trying to avoid, a blacklist would be a terrible
idea.  The proper way to prevent break-ins is not to block communications
with certain sites, but to fix broken software and poorly configured systems
so that any break-in attempts will be unsuccessful.  A blacklist would only
encourage your would-be attacker to employ additional intermediaries,
thereby potentially causing more damage for more people while making the
ultimate source more difficult to trace.  It would also give operators a
false sense of security, an attitude which could lead to thoughtless setups
acting as havens for the very break-ins your proposed blacklist is intended
to combat.

Mark

-- 
Do not reply directly to this e-mail address
--
Mark Mentovai
UNIX Engineer
Gillette Global Network

Current thread:

Re: RBL-type BGP service for known rogue networks?, (continued)
- - - Re: RBL-type BGP service for known rogue networks? Valdis . Kletnieks (Jul 06)
    - Re: RBL-type BGP service for known rogue networks? Dan Hollis (Jul 06)
    - Re: RBL-type BGP service for known rogue networks? Kai Schlichting (Jul 06)
  - Re: RBL-type BGP service for known rogue networks? Steve Sobol (Jul 06)
- RE: RBL-type BGP service for known rogue networks? Mark Borchers (Jul 06)
  - RE: RBL-type BGP service for known rogue networks? Dan Hollis (Jul 06)
- RE: RBL-type BGP service for known rogue networks? Karyn Ulriksen (Jul 06)
  - Re: RBL-type BGP service for known rogue networks? David Charlap (Jul 06)
    - Re: RBL-type BGP service for known rogue networks? Tony Mumm (Jul 06)
    - Re: RBL-type BGP service for known rogue networks? Dan Hollis (Jul 06)
    - Re: RBL-type BGP service for known rogue networks? Mark Mentovai (Jul 06)
    - Re: RBL-type BGP service for known rogue networks? Shawn McMahon (Jul 06)
    - Re: RBL-type BGP service for known rogue networks? John Payne (Jul 06)
    - Re: RBL-type BGP service for known rogue networks? Valdis . Kletnieks (Jul 06)
    - Re: RBL-type BGP service for known rogue networks? Dan Hollis (Jul 06)
    - Re: RBL-type BGP service for known rogue networks? Christopher Palmer (Jul 07)
    - Re: RBL-type BGP service for known rogue networks? Ben Beuchler (Jul 07)
    - Re: RBL-type BGP service for known rogue networks? Dan Hollis (Jul 07)
    - Re: RBL-type BGP service for known rogue networks? Dan Hollis (Jul 06)
    - Re: RBL-type BGP service for known rogue networks? John Payne (Jul 06)
    - Re: RBL-type BGP service for known rogue networks? Joe Shaw (Jul 06)

(Thread continues...)