nanog mailing list archives
RE: RBL-type BGP service for known rogue networks?
From: rdobbins () netmore net
Date: Fri, 7 Jul 2000 16:19:27 -0700
But that's why we have human beings in the NOCs, no? As I'm mucking about with the Cisco Netranger/IDS on one of my networks, I've been able to winnow down the false-positives substantially, and am still working on improving its reliability further. I certainly don't think that intrusion-detection makes sense for the backbones and NAPs and so forth, but when you get closer to the traffic-orginator/requestor boundaries of the network, it becomes more feasible, does it not? -----Original Message----- From: John Kristoff [mailto:jtk () depaul edu] Sent: Friday, July 07, 2000 1:59 PM To: nanog () merit edu Subject: Re: RBL-type BGP service for known rogue networks? rdobbins () netmore net wrote:
Isn't that why some sort of intrusion/exploit-detection system integrated with ACLs would perhaps be a better remedy?
Dealing with false positives and "intentional" black holing would be a difficult thing to get right. It sounds like the MAPS approach someone mentioned earlier would be workable. John
Current thread:
- Re: RBL-type BGP service for known rogue networks?, (continued)
- Re: RBL-type BGP service for known rogue networks? Steve Sobol (Jul 07)
- Message not available
- RE: RBL-type BGP service for known rogue networks? Kai Schlichting (Jul 07)
- Re: RBL-type BGP service for known rogue networks? Chris (Jul 07)
- RE: RBL-type BGP service for known rogue networks? Vijay Gill (Jul 07)
- Re: RBL-type BGP service for known rogue networks? Steve Noble (Jul 07)
- Re: RBL-type BGP service for known rogue networks? Steve Sobol (Jul 07)
- Re: RBL-type BGP service for known rogue networks? John Kristoff (Jul 07)
- Re: RBL-type BGP service for known rogue networks? Steve Sobol (Jul 07)
- Re: RBL-type BGP service for known rogue networks? John Kristoff (Jul 07)
- RE: RBL-type BGP service for known rogue networks? Randy Bush (Jul 08)
- Re: RBL-type BGP service for known rogue networks? Shawn McMahon (Jul 08)
- RE: RBL-type BGP service for known rogue networks? Roeland M.J. Meyer (Jul 08)
- Re: RBL-type BGP service for known rogue networks? Peter van Dijk (Jul 08)
- Re: RBL-type BGP service for known rogue networks? Eric A. Hall (Jul 08)
- RE: RBL-type BGP service for known rogue networks? Sabri Berisha (Jul 08)
- RE: RBL-type BGP service for known rogue networks? Sabri Berisha (Jul 08)