[106628] in North American Network Operators' Group

Re: Is it time to abandon bogon prefix filters?

daemon@ATHENA.MIT.EDU (Sam Stickland)
Thu Aug 7 12:17:39 2008

Date: Wed, 6 Aug 2008 12:59:58 -0700
In-Reply-To: <982D8D05B6407A49AD506E6C3AC8E7D66150B1D4DC@caralain.haven.nynaeve.net>
From: "Sam Stickland" <sam_mailinglists@spacething.org>
To: "Skywing" <Skywing@valhallalegends.com>
Cc: NANOG list <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org

Skywing wrote:
> Then again, it does make Team Cymru an attractive target for DoS or even
> compromise if they can control routing policy to a degree for a large number
> of disparate networks.  Especially if it gets in the way of for-profit
> spammers.
>
> (Not trying to knock them, just providing a for consideration.  I would
> certainly hope and expect that Team Cymru would do their due diligence in
> that respect, but it seems like an attractive central point of failure to
> attack to me.)
>
Use a prefix list of existing bogons against the Team Cymru BGP feed. If
they are hacked this limits the possible attacks to the following bounds:

1) They advertise no address space, and you end up with no bogon filtering.
2) They advertise all of the IPv4 address space, but your prefix list
limits this to (an admittedly out-of-date) list of bogons.

Sam
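
The bounding described in this message, modelled as an added example that is not part of the original e-mail: prefixes from the feed are accepted only when they fall inside a locally held static bogon list. The static list, the sample feeds and the function names are constructed for illustration.

```python
import ipaddress

# Constructed stand-in for the operator's own (possibly stale) static bogon list.
STATIC_BOGONS = [ipaddress.ip_network(p) for p in (
    "0.0.0.0/8", "10.0.0.0/8", "127.0.0.0/8", "169.254.0.0/16",
    "172.16.0.0/12", "192.168.0.0/16", "224.0.0.0/3",
)]

def filter_feed(advertised, allowed=STATIC_BOGONS):
    """Split feed prefixes into (accepted, rejected).

    A prefix is accepted only if it equals, or is more specific than,
    an entry in the static list; anything wider or outside is rejected.
    """
    accepted, rejected = [], []
    for text in advertised:
        net = ipaddress.ip_network(text)
        inside = any(net.version == a.version and net.subnet_of(a) for a in allowed)
        (accepted if inside else rejected).append(net)
    return accepted, rejected

def is_filtered(addr, accepted):
    """True if traffic from addr would be dropped by the accepted bogon routes."""
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in accepted)

# Constructed feeds for the two bounds in the message, plus a normal one.
NORMAL_FEED = ["10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16"]
EMPTY_FEED = []  # bound 1: the feed advertises nothing
ROGUE_FEED = ["0.0.0.0/0", "0.0.0.0/1", "128.0.0.0/1",  # bound 2: "everything"
              "8.0.0.0/8", "10.0.0.0/8", "192.168.0.0/16"]

if __name__ == "__main__":
    for name, feed in (("normal", NORMAL_FEED), ("empty", EMPTY_FEED),
                       ("rogue", ROGUE_FEED)):
        acc, rej = filter_feed(feed)
        print(name, "accepted:", [str(n) for n in acc],
              "rejected:", [str(n) for n in rej])
        print("  8.8.8.8 dropped:", is_filtered("8.8.8.8", acc),
              "| 10.1.2.3 dropped:", is_filtered("10.1.2.3", acc))
```

On a router the same check is an inbound prefix list applied to the feed's BGP session, matching the static entries and their more-specifics.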
