[106608] in North American Network Operators' Group
Re: Is it time to abandon bogon prefix filters?
daemon@ATHENA.MIT.EDU (Sean Donelan)
Wed Aug 6 14:01:43 2008
Date: Wed, 6 Aug 2008 14:01:30 -0400 (EDT)
From: Sean Donelan <sean@donelan.com>
To: Randy Bush <randy@psg.com>
In-Reply-To: <4899BCB2.6050808@psg.com>
Cc: NANOG list <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org
On Thu, 7 Aug 2008, Randy Bush wrote:
> serious curiosity:
>
> what is the proportion of bad stuff coming from unallocated space vs
> allocated space? real measurements, please. and are there longitudinal
> data on this?
>
> are the uw folk, gatech, vern, ... measuring?
Attacks or misconfigured leaks?
Leaks of RFC1918 stuff is pretty common, just ask any of the root server
operators how many packets they see from RFC1918 leaking networks or do a
traceroute across several residential cable network backbones.
Attacks aren't as common because there is enough (not 100%) anti-spoofing
(good) and/or bogon-filters (not as good) in different parts of the
Internet it requires more thought to launch a spoofed DDOS than it does
just to use tens of thousands of non-spoofed bots to launch a DDOS.
Arbor Networks has some data.
