[11241] in North American Network Operators' Group
Re: Kashpureff Black List (REALLY AN OPERATIONAL QUESTION)
daemon@ATHENA.MIT.EDU (Jared Mauch)
Wed Jul 23 17:28:16 1997
From: Jared Mauch <jared@puck.nether.net>
In-Reply-To: <19970723091308.05823@Jupiter.Mcs.Net> from Karl Denninger at "Jul 23, 97 09:13:08 am"
To: karl@Mcs.Net (Karl Denninger)
Date: Wed, 23 Jul 1997 15:02:02 -0400 (EDT)
Cc: ekgermann@cctec.com, nanog@merit.edu
Karl Denninger boldly claimed:
> On Wed, Jul 23, 1997 at 09:53:42AM -0400, Eric Germann wrote:
> > would an anti-kashpureff bgp feed fix the dns pollution problems similar to
> > the anti spam black list. If yes, is it collusion which would be
> > prosecutable? If no, what are the TECHNICAL reasons it wouldn't work.
> >
> > Eric
>
> No, because *ANY* nameserver which gets the pollution can then pollute you.
>
> Since you can't cut off EVERY nameserver with such a feed, it is pointless
> to attempt it.
Correct. The proper way to handle this is to install the
latest bind (8.1.1) or 4.9.6 (but 8.1.1 is better :), and it will
make it so folks can't inject bogon data into your nameservers.
- jared
--
----------------- jared@puck.nether.net - Nether Network ------------------
For a good time, look at http://www.izzy.net/~janc/tour/
For a worse time, look at http://puck.nether.net/
