[29751] in North American Network Operators' Group
Re: RBL-type BGP service for known rogue networks?
daemon@ATHENA.MIT.EDU (jlewis@lewis.org)
Thu Jul 6 19:02:55 2000
Date: Thu, 6 Jul 2000 17:35:04 -0400 (EDT)
From: jlewis@lewis.org
To: Dan Hollis <goemon@sasami.anime.net>
Cc: nanog@merit.edu
In-Reply-To: <Pine.LNX.4.21.0007061344170.398-100000@anime.net>
Message-ID: <Pine.LNX.4.10.10007061733220.2042-100000@redhat1.mmaero.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Errors-To: owner-nanog-outgoing@merit.edu
On Thu, 6 Jul 2000, Dan Hollis wrote:
> 1) Someone sets up server X on company Y network and starts rooting sites.
> 2) company Y, once notified, refuses to shut down server X, even when its
> been CONFIRMED server X is indeed rooting sites.
> 3) company Y has a HISTORY of such attacks and refuses to take any action.
>
> tin.it obviously fits all 3 criteria and thus would be blackholed. it
> might not get them to change their behaviour, but at least people who
> subscribe to the blackhole list wouldnt be rooted by tin.it customers
Except that any good script kid has root on numerous boxes. Just blocking
a well known site full of rooted boxes probably won't do much good since
they crack and scan from random boxes all over the world as they root
them.
----------------------------------------------------------------------
Jon Lewis *jlewis@lewis.org*| I route
System Administrator | therefore you are
Atlantic Net |
_________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
