[31505] in North American Network Operators' Group
RE: netscan.org update
daemon@ATHENA.MIT.EDU (Roeland M.J. Meyer)
Tue Sep 26 12:54:23 2000
Message-ID: <1148622BC878D411971F0060082B042C3718@hawk.lvrmr.mhsc.com>
From: "Roeland M.J. Meyer" <rmeyer@MHSC.com>
To: John Fraizer <nanog@EnterZone.Net>,
"Roeland M.J. Meyer" <rmeyer@MHSC.com>
Cc: nanog@merit.edu
Date: Tue, 26 Sep 2000 09:49:17 -0700
MIME-Version: 1.0
Content-Type: text/plain
Errors-To: owner-nanog-outgoing@merit.edu
> From: John Fraizer [mailto:nanog@EnterZone.Net]
> Sent: Tuesday, September 26, 2000 9:43 AM
>
> On Tue, 26 Sep 2000, Roeland M.J. Meyer wrote:
>
> > Defense is a lot less socially antagonistic than offensively BGP
> > black-holing antire IP-blocks (which can get you seriously sued) and
> > creating more outages than we already have to suffer through.
>
> Roeland,
>
> The last time I checked, AS65535 (picked for obvious reasons) does not
> have a transit contract in place with my company and as such, has
> absolutely NO grounds to sue me if we choose to blackhole
> routes to them
> at our borders.
>
> No transit contract -- no guaranteed transit. It's just that simple.
The operative would that I used was "can" and not "will". However, you
don't discount my statement about blackholing creating artificial
outages. I am proposing a more surgical response to the smurf threat.
One that in no way creates outages and may be more socially acceptable.
You also missed the point that a IP-block can pass the netscan.org test
and STILL be a smurf amp via it's subnets. The subnet bcast addrs aren't
hard to find.
