nanog mailing list archives
Re: Is it time to abandon bogon prefix filters?
From: Niels Bakker <niels=nanog () bakker net>
Date: Fri, 8 Aug 2008 01:03:21 +0200
* randy () psg com (Randy Bush) [Fri 08 Aug 2008, 00:59 CEST]:
rob,If the source of a scan or probe is a bogon, we tag it that way in our data store. I went back to 2008-01 and found the following percentages of bogons in our data:
[..]
2008-08: 0.001258054% (thus far)this is an extremely far cry from 60%. what am i not understanding? and can you separate reserved (127, ...) and unallocated?
This is scanning of darknets - usually you're interested in what comes back, i.e. can you 0wn it? so src has to be valid.
(D)DoS of course are much more likely to come closer to the 60% number. No need to get the SYN+ACKs or the ICMP echo replies back...
-- Niels.
Current thread:
- Re: Is it time to abandon bogon prefix filters?, (continued)
- Re: Is it time to abandon bogon prefix filters? Mark Andrews (Aug 25)
- Re: Is it time to abandon bogon prefix filters? Pete Templin (Aug 07)
- Re: Is it time to abandon bogon prefix filters? Patrick W. Gilmore (Aug 07)
- Re: Is it time to abandon bogon prefix filters? Robert E. Seastrom (Aug 07)
- Re: Is it time to abandon bogon prefix filters? Randy Bush (Aug 07)
- Re: Is it time to abandon bogon prefix filters? Robert E. Seastrom (Aug 07)
- Re: Is it time to abandon bogon prefix filters? Patrick W. Gilmore (Aug 07)
- Re: Is it time to abandon bogon prefix filters? Rob Thomas (Aug 07)
- Re: Is it time to abandon bogon prefix filters? Rob Thomas (Aug 07)
- Re: Is it time to abandon bogon prefix filters? Randy Bush (Aug 07)
- Re: Is it time to abandon bogon prefix filters? Niels Bakker (Aug 07)
- Re: Is it time to abandon bogon prefix filters? Rob Thomas (Aug 07)
- Re: Is it time to abandon bogon prefix filters? Rob Thomas (Aug 07)
- Re: Is it time to abandon bogon prefix filters? Patrick W. Gilmore (Aug 07)
- Re: Is it time to abandon bogon prefix filters? Patrick W. Gilmore (Aug 06)
- RE: Out of Date Bogon Prefix Nick Downey (Aug 06)