[29776] in North American Network Operators' Group


Re: RBL-type BGP service for known rogue networks?

daemon@ATHENA.MIT.EDU (Dan Hollis)
Thu Jul 6 23:47:54 2000

Date: Thu, 6 Jul 2000 19:04:53 -0700 (PDT)
From: Dan Hollis <goemon@sasami.anime.net>
To: Sean Donelan <sean@donelan.com>
Cc: nanog@merit.edu
In-Reply-To: <20000706234651.2082.cpmta@c004.sfo.cp.net>
Message-ID: <Pine.LNX.4.21.0007061901520.6818-100000@anime.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Errors-To: owner-nanog-outgoing@merit.edu


On 6 Jul 2000, Sean Donelan wrote:
> On Thu, 6 Jul 2000, Dan Hollis wrote:
> > tin.it obviously fits all 3 criteria and thus would be blackholed. it
> > might not get them to change their behaviour, but at least people who
> > subscribe to the blackhole list wouldn't be rooted by tin.it customers
> While this might seem to be a belt and suspenders approach, anyone who
> cares about their machines being rooted spends their time securing
> their machines.  After securing your machines, RBL'ing tin.it is just
> extra work.  On the other hand, RBLing tin.it is of limited prophylactic
> value since, if you haven't secured your machines, the script kiddies
> will just root your machine from elsewhere.

A neat trick if you actually directly control all the machines in your
network. If you don't, then a script kiddie blackhole list does help.

Can you think of any good reason to continue accepting tin.it packets? I
can't.

Just because it's not a perfect solution doesn't mean it doesn't have any
value whatsoever.

And if tin.it suddenly is unable to reach some portion of the internet due
to blackholing, they might actually bother to do something. (well, we can
hope.)

-Dan


