nanog mailing list archives
Re: Is it time to abandon bogon prefix filters?
From: Sam Stickland <sam_mailinglists () spacething org>
Date: Wed, 06 Aug 2008 20:59:58 +0100
Skywing wrote:
> Then again, it does make Team Cymru an attractive target for DoS or even compromise if they can control routing policy to a degree for a large number of disparate networks. Especially if it gets in the way of for-profit spammers. (Not trying to knock them, just providing a for consideration. I would certainly hope and expect that Team Cymru would do their due diligence in that respect, but it seems like an attractive central point of failure to attack to me.)

Use a prefix list of existing bogons against the Team Cymru BGP feed. If they are hacked this limits the possible attacks to the following bounds:

1) They advertise no address space, and you end up with no bogon filtering.
2) They advertise all of the IPv4 address space, but your prefix list limits this to (an admittedly out-of-date) list of bogons.
Sam
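The two bounds described in this message, modelled as an added example that is not part of the original post: prefixes learned from the feed are accepted only when they fall inside a static bogon list. The static list, the sample feed and the function names `filter_feed` and `is_dropped` are assumptions constructed for illustration.

```python
import ipaddress

# Constructed static snapshot of bogon space (assumption: a real deployment
# would use the operator's own last-known-good bogon list).
STATIC_BOGONS = [ipaddress.ip_network(p) for p in (
    "0.0.0.0/8", "10.0.0.0/8", "127.0.0.0/8", "169.254.0.0/16",
    "172.16.0.0/12", "192.0.2.0/24", "192.168.0.0/16", "224.0.0.0/3",
)]

# Constructed hostile feed: a default route plus every IPv4 /8.
HOSTILE_FEED = ["0.0.0.0/0"] + [f"{i}.0.0.0/8" for i in range(256)]


def filter_feed(announced, static=STATIC_BOGONS):
    """Split feed prefixes into (accepted, rejected).

    A prefix is accepted only if it is equal to, or more specific than,
    an entry in the static list. Covering prefixes are rejected.
    """
    accepted, rejected = [], []
    for text in announced:
        try:
            net = ipaddress.ip_network(text, strict=True)
        except ValueError:
            rejected.append(text)  # malformed or host bits set
            continue
        if net.version == 4 and any(net.subnet_of(b) for b in static):
            accepted.append(net)
        else:
            rejected.append(text)
    return accepted, rejected


def is_dropped(addr, accepted):
    """True if traffic for addr would match an accepted bogon route."""
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in accepted)


if __name__ == "__main__":
    # Bound 1: the feed advertises nothing, so nothing is filtered.
    acc, rej = filter_feed([])
    print("empty feed:", len(acc), "accepted;",
          "10.1.2.3 dropped?", is_dropped("10.1.2.3", acc))
    # Bound 2: the feed advertises everything, only static bogon space gets in.
    acc, rej = filter_feed(HOSTILE_FEED)
    print("hostile feed:", len(acc), "accepted,", len(rej), "rejected;",
          "192.0.3.1 dropped?", is_dropped("192.0.3.1", acc))
```
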