[56620] in North American Network Operators' Group
RE: 69/8...this sucks
daemon@ATHENA.MIT.EDU (Andy Dills)
Tue Mar 11 12:51:10 2003
Date: Tue, 11 Mar 2003 12:50:35 -0500 (EST)
From: Andy Dills <andy@xecu.net>
To: Ejay Hire <ejay.hire@isdn.net>
Cc: nanog@merit.edu
In-Reply-To: <5B564A46C22FDB47A77C672D447D938C012DB681@bnaw2kmsx01.bna01.isdn.net>
Errors-To: owner-nanog-outgoing@merit.edu
On Tue, 11 Mar 2003, Ejay Hire wrote:
> Er, guys... How does this fix the problem of a Malicious user
> advertising a more specific bogon route?
Come on...clearly you haven't been paying attention.
You need LDAP filters. LDAP filters and a South Vietnamese revolution
against the IRRs for being fragmented and greedy.
And if that doesn't poison your inverse arp, then multiplex a private
bogon server with a centralized host scanner-based DNSBL. Don't forget the
trailing dot! And don't forget to invert the subnet mask!
Andy
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Andy Dills 301-682-9972
Xecunet, LLC www.xecu.net
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Dialup * Webhosting * E-Commerce * High-Speed Access
