[102148] in North American Network Operators' Group
Re: Worst Offenders/Active Attackers blacklists
daemon@ATHENA.MIT.EDU (Edward B. DREGER)
Tue Jan 29 16:27:32 2008
Date: Tue, 29 Jan 2008 21:23:27 +0000 (GMT)
From: "Edward B. DREGER" <eddy+public+spam@noc.everquick.net>
To: "Patrick W. Gilmore" <patrick@ianai.net>
cc: nanog list <nanog@nanog.org>
In-Reply-To: <6FBA9B47-291A-4055-A607-D06F03B522EA@ianai.net>
Errors-To: owner-nanog@merit.edu
PWG> Date: Tue, 29 Jan 2008 15:50:50 -0500
PWG> From: Patrick W. Gilmore

PWG> [Z]one transfers, while not as bad as individual lookups, are still
PWG> a bad idea IMHO. For instance, are you sure you want your dynamic
PWG> filters 30 or 60 minutes out of date?

As opposed to infinitely out-of-date (i.e., no filters)? Don't get me
wrong; I'm none too keen on using DNS to distribute IP ACLs. I just am
nitpicking that one particular point.

PWG> BGP was discussed, but such feeds already exist and do not require a
PWG> firewall.

IMHO, this is better than anything DNS-based. Using zone transfers is
like using RIP. *shudder*

Eddy
--
Everquick Internet - http://www.everquick.net/
A division of Brotsman & Dreger, Inc. - http://www.brotsman.com/
Bandwidth, consulting, e-commerce, hosting, and network building
Phone: +1 785 865 5885 Lawrence and [inter]national
Phone: +1 316 794 8922 Wichita
________________________________________________________________________
DO NOT send mail to the following addresses:
davidc@brics.com -*- jfconmaapaq@intc.net -*- sam@everquick.net
Sending mail to spambait addresses is a great way to get blocked.
Ditto for broken OOO autoresponders and foolish AV software backscatter.