[87838] in North American Network Operators' Group
Re: do bogon filters still help?
daemon@ATHENA.MIT.EDU (Joseph S D Yao)
Thu Jan 12 12:22:41 2006
Date: Thu, 12 Jan 2006 12:22:10 -0500
From: Joseph S D Yao <jsdy@center.osis.gov>
To: nanog@nanog.org
Cc: Joseph S D Yao <jsdy@center.osis.gov>
Mail-Followup-To: nanog@nanog.org
In-Reply-To: <20060112030759.GA9483@srv01.cluenet.de>
Errors-To: owner-nanog@merit.edu
On Thu, Jan 12, 2006 at 04:08:00AM +0100, Daniel Roesen wrote:
...
> > Otherwise, packets tend to get dropped by filters.
>
> By which ones? Folks with too much time feeding their paranoia, or is
> there any actual realistic attack to prevent by filtering packets with
> source 192.88.99.1?
...
As Bill pointed out, filters that contain too much actually harm the
network - longer than actual attacks, perhaps. I have no quantitative
evidence to say "more", and perhaps it's one of those opinion things.
[Currently trying to fix a problem with same.]
--
Joe Yao
-----------------------------------------------------------------------
This message is not an official statement of OSIS Center policies.
