[ppml] Bogons etc...

McBurnett, Jim jmcburnett at msmgmt.com
Wed Jan 21 14:02:17 EST 2004


This brings to mind another project I saw, 
DDoS filtering via BGP feed....
BGP input and then OSPF or RIP or EIGRP redis to 
firewall etc..
IE I pull it in to a small "one-armed" router sitting on
the network and then redis to other specific points...
in some cases I may not want to prevent some traffic from certain 
parts of my network, but want it filtered on other parts.
Later,
J

->-----Original Message-----
->From: owner-ppml at arin.net [mailto:owner-ppml at arin.net]On Behalf Of
->Michel Py
->Sent: Wednesday, January 21, 2004 1:56 PM
->To: Leo Bicknell; ppml at arin.net
->Subject: RE: [ppml] Bogons etc...
->
->
->> Leo Bicknell
->> Many people filtering spam would make use of a service that
->> accurately listed "dark" space, so even if someone was able
->> to get it routed server admins could drop mail from it.
->
->The idea is not to route it in the first place. Besides, it probably
->already exists on some RBLs.
->
->> Firewall admins would like to use it for packet
->> filtering, not route filtering.
->
->Packet filtering is what routers are for, and a BGP bogon feed does
->indeed make it very simple, as you can route to null0 all the 
->bogons. I
->do this already operationally, I can discard that traffic even before
->the firewall.
->
->Michel.
->



More information about the ARIN-PPML mailing list