[29764] in North American Network Operators' Group


Re: RBL-type BGP service for known rogue networks?

daemon@ATHENA.MIT.EDU (Mark Mentovai)
Thu Jul 6 21:32:27 2000

Date: Thu, 6 Jul 2000 19:35:19 -0400 (EDT)
From: Mark Mentovai <marklist@ggn.net>
To: nanog@merit.edu
In-Reply-To: <Pine.LNX.4.21.0007061508150.2252-100000@anime.net>
Message-ID: <Pine.GSO.4.21.0007061927001.3129-100000@oak.ggn.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Errors-To: owner-nanog-outgoing@merit.edu


Dan Hollis wrote:
>The BL wouldn't try to block floods or DoS attacks. Its aim is to block
>sites which originate break-ins.

If break-ins are what you're trying to avoid, a blacklist would be a terrible
idea.  The proper way to prevent break-ins is not to block communications
with certain sites, but to fix broken software and poorly configured systems
so that any break-in attempts will be unsuccessful.  A blacklist would only
encourage your would-be attacker to employ additional intermediaries,
thereby potentially causing more damage for more people while making the
ultimate source more difficult to trace.  It would also give operators a
false sense of security, an attitude which could lead to thoughtless setups
acting as havens for the very break-ins your proposed blacklist is intended
to combat.

Mark

-- 
Do not reply directly to this e-mail address
--
Mark Mentovai
UNIX Engineer
Gillette Global Network
