[29745] in North American Network Operators' Group
Re: RBL-type BGP service for known rogue networks?
daemon@ATHENA.MIT.EDU (Tony Mumm)
Thu Jul 6 17:59:19 2000
Message-Id: <200007062107.QAA01673@ins13.netins.net>
To: David Charlap <david.charlap@marconi.com>
Cc: nanog@merit.edu
In-reply-to: Your message of "Thu, 06 Jul 2000 16:27:38 EDT."
<3964EBBA.84D13BD2@marconi.com>
Date: Thu, 06 Jul 2000 16:07:07 -0500
From: Tony Mumm <tonym@netins.net>
Errors-To: owner-nanog-outgoing@merit.edu
David Charlap <david.charlap@marconi.com>
wrote
>
>
>I don't know if this what you were observing, but the MAPS RBL can be
>used in this capacity. See also:
>
> http://www.mail-abuse.org/rbl/usage.html#BGP
>
>Of course, you'd want a different database for blocking script kiddies.
>
>-- David
I think that is similar to what you want....and it might be adequate
against scanners and other simple hacks. I don't think it would be
worth anything against a flood, the flood isn't going to care
that it sees nothing coming back from your network. It might
discourage someone if they see no ECHO_REPLYs coming back from their 10 Mbit
smurf....but it probably wouldn't be long before they just stop caring.
Tony
