nanog mailing list archives
Re: "general badness" AS-based reputation system
From: Jimmy Hess <mysidia () gmail com>
Date: Sun, 25 Sep 2011 18:31:42 -0500
On Sun, Sep 25, 2011 at 10:37 AM, Gadi Evron <ge () linuxbox org> wrote:
> In my opinion, third-party security based AS-reputation systems will eventually become de-facto border filtering systems for ISPs, but that day is still not here, as that is still socially unacceptable in our circles, and will remain so until it becomes _necessary_.

Sorry... what makes you think the problem with use of an AS-reputation system is social and not technical?

IP packets are not stamped with the numbers of any of the AS they transited to reach your network. The IP protocol simply does not expose AS number information, therefore, for filtering purposes, you don't actually have the information....

It's difficult to justify a complex AS-reputation system that would have limited effectiveness, and really, is little better than other reputation system methods (such as source address blacklisting)

--
-JH