nanog mailing list archives
Blackholing APNIC Routes (or a subset of)
From: "Eric Germann" <ekgermann () cctec com>
Date: Tue, 5 Nov 2002 15:22:36 -0500
Anyone want to admit privately (I'll summarize to the list) if they actively filter certain partitions of APNIC space? We did a little experiment the past couple of days and saw at 85% of our port 13[5-9] scans, Code Red/Nimda/formmail attempts, etc. go out the door by blackholing those networks in .cn and .kr. Thoughts? Is it a valid thesis? I've seen the discussions for spam mitigation, etc via DNS, but this is actually null routing all their traffic. Eric ========================================================================== Eric Germann CCTec ekgermann () cctec com Van Wert OH 45801 http://www.cctec.com Ph: 419 968 2640 Fax: 603 825 5893 "The fact that there are actually ways of knowing and characterizing the extent of one’s ignorance, while still remaining ignorant, may ultimately be more interesting and useful to people than Yarkovsky" -- Jon Giorgini of NASA’s Jet Propulsion Laboratory
Attachment:
Eric Germann.vcf
Description:
Current thread:
- Blackholing APNIC Routes (or a subset of) Eric Germann (Nov 05)
- Re: Blackholing APNIC Routes (or a subset of) Joe Abley (Nov 05)
- Re: Blackholing APNIC Routes (or a subset of) batz (Nov 05)
- Re: Blackholing APNIC Routes (or a subset of) steve uurtamo (Nov 05)
- Re: Blackholing APNIC Routes (or a subset of) Petri Helenius (Nov 05)