[42562] in North American Network Operators' Group
RE: What Worked - What Didn't
daemon@ATHENA.MIT.EDU (Randy Bush)
Mon Sep 17 21:30:56 2001
From: Randy Bush <randy@psg.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
To: "Daniel Golding" <dgolding@sockeye.com>
Cc: <nanog@merit.edu>
Message-Id: <E15j5G9-0000wn-00@rip.psg.com>
Date: Mon, 17 Sep 2001 13:44:53 -0700
Errors-To: owner-nanog-outgoing@merit.edu
> The salient point here, is that this is not a widely adopted practice.
> If you feel it should be, by all means, make your case, as the internet
> community is probably more open to proposals designed to strengthen
> security now, than at most other times.
it is not a great defense, but it's some defense. like all security
efforts, it is not a cure but raises the barrier. i see no reason for
inter-isp peering and intra-isp ibgp to be covered fairly quickly. i
would suggest having one's provisioning folk working with bgp customers
to close that avenue as well, starting with the more critical customers.
also, think about your igp.
randy
