[125113] in North American Network Operators' Group
Re: BGP hijack from 23724 -> 4134 China?
daemon@ATHENA.MIT.EDU (Danny McPherson)
Thu Apr 8 22:19:38 2010
From: Danny McPherson <danny@tcb.net>
In-Reply-To: <4BBE8B74.7040508@2mbit.com>
Date: Thu, 8 Apr 2010 20:17:52 -0600
To: "nanog@nanog.org list" <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Apr 8, 2010, at 8:05 PM, Brielle Bruns wrote:
>=20
> Since there's been alot of requests for the ACLs, i've gone ahead and =
put the info on our wiki for easy access.
>=20
> http://wiki.sosdg.org/sosdg:internal:chinafilter
>=20
> Hope it comes in handy, and please let me know if i'm missing =
anything.
If you're going to post this and folks are actually going to consider=20
employing it I suspect it'd be well worthwhile to include on that page=20=
how you generated it and how you keep it updated -- so that it can be=20
updated by others as necessary. =20
Additionally, folks should note that this policy would have made zero=20
difference in this particularly incident, most of you likely realize =
that. =20
Furthermore, a policy such as this does nothing to mitigate exfiltration=20=
of data TO those address blocks you've listed.
FWIW, this is a lot like putting a bandaid on a headache - it's not =
going=20
to do much good in reality, and likely cause more harm than good in =
properly=20
secured networks - but it might make some folks feel a little better.
-danny
