[29734] in North American Network Operators' Group
Re: RBL-type BGP service for known rogue networks?
daemon@ATHENA.MIT.EDU (Valdis.Kletnieks@vt.edu)
Thu Jul 6 15:55:19 2000
Message-Id: <200007061939.e66Jd2S26426@black-ice.cc.vt.edu>
To: Dan Hollis <goemon@sasami.anime.net>
Cc: Karyn Ulriksen <kulriksen@publichost.com>,
"'nanog@merit.edu'" <nanog@merit.edu>
In-Reply-To: Your message of "Thu, 06 Jul 2000 12:22:09 PDT."
<Pine.LNX.4.21.0007061214420.31465-100000@anime.net>
From: Valdis.Kletnieks@vt.edu
Mime-Version: 1.0
Content-Type: multipart/signed; boundary="==_Exmh_-1312840944P";
micalg=pgp-sha1; protocol="application/pgp-signature"
Content-Transfer-Encoding: 7bit
Date: Thu, 06 Jul 2000 15:39:02 -0400
Errors-To: owner-nanog-outgoing@merit.edu
--==_Exmh_-1312840944P
Content-Type: text/plain; charset=us-ascii
On Thu, 06 Jul 2000 12:22:09 PDT, Dan Hollis said:
> Im not talking about spammer networks im talking about script kiddie
> networks. We already have several systems for dealing with spammers but
> none for script kiddies. (I cant be the only person who sees a problem
> with this picture?)
The biggest problem is that it's a lot easier to verify that a given site
is a spamhaus. Remember that source IP addresses (which is all that your
border router sees) are forgeable - making for a nice DOS attack. Forge
packets from a competitor's site, get them labelled as a skriptz kiddie site,
and BGP-blackholed.
--
Valdis Kletnieks
Operating Systems Analyst
Virginia Tech
--==_Exmh_-1312840944P
Content-Type: application/pgp-signature
-----BEGIN PGP SIGNATURE-----
Version: PGP 6.5.2
Comment: Exmh version 2.2 06/16/2000
iQA/AwUBOWTgVXAt5Vm009ewEQLpIACg1xF7gvFDepseEU2Elhl2KVJ9GRkAoKcz
uWWMvhO6ZSVclbkFszUS/F6V
=2YIj
-----END PGP SIGNATURE-----
--==_Exmh_-1312840944P--
