nanog mailing list archives
RE: Blackholes and IXs and Completing the Attack.
From: "Paul Ferguson" <fergdawg () netzero net>
Date: Sat, 2 Feb 2008 21:50:51 GMT
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -- "Ben Butler" <ben.butler () c2internet net> wrote:
The effect of this would be that any BotNet controlled hosts in the other member network would now be able to drop any attack traffic in their network on destination at their customer aggregation routers. I think you might have thought I was suggesting we blackhole sources in other peoples networks - this is definatly not what I was saying. So, given we all now understand each other - why is no one doing the above?
We (Trend Micro) do something similar to this -- a black-hole BGP feed of known botnet C&Cs, such that the C&C channel is effectively black-holed. At least that way, people can deal with cleaning up the end-systems in their own way, at their own pace, while the amount of malicious activity is effectively "crippled". - - ferg -----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.6.3 (Build 3017) wj8DBQFHpOWyq1pz9mNUZTMRAhtLAJwLNH9Ie+mE0106NlY6Qdy43uag1gCgv7wq le4yfSlaa2kUHtchC2X+bbQ= =4P1g -----END PGP SIGNATURE----- -- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawg(at)netzero.net ferg's tech blog: http://fergdawg.blogspot.com/
Current thread:
- Re: Blackholes and IXs and Completing the Attack., (continued)
- Re: Blackholes and IXs and Completing the Attack. Christopher Morrow (Feb 03)
- RE: Blackholes and IXs and Completing the Attack. Barry Greene (bgreene) (Feb 03)
- RE: Blackholes and IXs and Completing the Attack. Ben Butler (Feb 03)
- RE: Blackholes and IXs and Completing the Attack. Ben Butler (Feb 03)
- Re: Blackholes and IXs and Completing the Attack. Christopher Morrow (Feb 03)
- Re: Blackholes and IXs and Completing the Attack. Matthew Moyle-Croft (Feb 03)
- RE: Blackholes and IXs and Completing the Attack. Ben Butler (Feb 02)
- RE: Blackholes and IXs and Completing the Attack. Ben Butler (Feb 02)
- Re: Blackholes and IXs and Completing the Attack. Roland Dobbins (Feb 02)