nanog mailing list archives
Re: Global Blackhole Service
From: "Patrick W. Gilmore" <patrick () ianai net>
Date: Sat, 14 Feb 2009 17:45:11 -0500
On Feb 14, 2009, at 5:43 PM, Florian Weimer wrote:
* Steven M. Bellovin:As Randy and Valdis have pointed out, if this isn't done very carefullyit's an open invitation to a new, very effective DoS technique. You can't do this without authoritative knowledge of exactly who owns any prefix; you also have to be able to authenticate the request to blackhole it. Those two points are *hard*.If you want to run a public exchange point, you need to solve the same announcement validation problem. Multiple organizations appear to do it successfully, so it can't be that difficult.
No you don't. And yes it is.To be clear, I am not saying it should or should not be done, just that your comparison is invalid.
-- TTFN, patrick
Current thread:
- Re: Global Blackhole Service, (continued)
- Re: Global Blackhole Service Nuno Vieira - nfsi telecom (Feb 13)
- Re: Global Blackhole Service Nuno Vieira - nfsi telecom (Feb 13)
- Re: Global Blackhole Service Valdis . Kletnieks (Feb 13)
- Re: Global Blackhole Service Jack Bates (Feb 13)
- Re: Global Blackhole Service Jens Ott - PlusServer AG (Feb 13)
- Re: Global Blackhole Service Nuno Vieira - nfsi telecom (Feb 13)
- Re: Global Blackhole Service Steven M. Bellovin (Feb 13)
- Re: Global Blackhole Service Jens Ott - PlusServer AG (Feb 13)
- Re: Global Blackhole Service Jack Bates (Feb 13)
- Re: Global Blackhole Service Florian Weimer (Feb 14)
- Re: Global Blackhole Service Patrick W. Gilmore (Feb 14)
- Re: Global Blackhole Service Michael Thomas (Feb 15)
- Re: Global Blackhole Service Marshall Eubanks (Feb 15)
- cogent issues John Martinez (Feb 15)
- Re: cogent issues Michal Krsek (Feb 16)
- Re: cogent issues neal rauhauser (Feb 16)
- Re: cogent issues Marshall Eubanks (Feb 16)
- Re: cogent issues Ran Liebermann (Feb 16)
- Re: Global Blackhole Service Jack Bates (Feb 13)
- Re: Global Blackhole Service Matthew Moyle-Croft (Feb 14)
- Re: Global Blackhole Service Randy Bush (Feb 13)