[30245] in North American Network Operators' Group
Re: More on black-holed reserved/8 block.
daemon@ATHENA.MIT.EDU (Paul Vixie)
Thu Jul 20 13:32:50 2000
To: nanog@merit.edu
From: Paul Vixie <vixie@mibh.net>
Date: 20 Jul 2000 10:23:05 -0700
In-Reply-To: Valdis.Kletnieks@vt.edu's message of "20 Jul 2000 10:16:00 -0700"
Message-ID: <g37lagk96u.fsf@redpaul.mibh.net>
Errors-To: owner-nanog-outgoing@merit.edu
Valdis.Kletnieks@vt.edu writes:
> Is it the case that above.net is black-holing packets with a *destination*
> in the RBL, but *not* filtering packets with a *source* address from
> the RBL?
Please tell me how to automatically rebuild an ACL in real time based on
advertisements and withdrawals in a BGP feed, and I'll recommend that
everybody to that. Meanwhile, the RBL BGP feed only affects destinations.
> If so, this would still allow RPC-based attacks (and TCP as well,
> if the victim's box had bad sequence number prediction).
Yes.
