[95135] in North American Network Operators' Group


Re: Where are static bogon filters appropriate? was: 96.2.0.0/16

daemon@ATHENA.MIT.EDU (Gregory Edigarov)
Thu Mar 1 09:55:03 2007

Date: Thu, 01 Mar 2007 16:50:14 +0200
From: Gregory Edigarov <greg@bestnet.kharkov.ua>
To: Jon Lewis <jlewis@lewis.org>
Cc: "Chris L. Morrow" <christopher.morrow@verizonbusiness.com>,
	Eric Ortega <eric.ortega@midco.net>, nanog@merit.edu
In-Reply-To: <Pine.LNX.4.61.0703010930400.2752@soloth.lewis.org>
Errors-To: owner-nanog@merit.edu


Jon Lewis wrote:
>
> On Thu, 1 Mar 2007, Chris L. Morrow wrote:
>
>> So, where are static bogon filters appropriate? (loaded question perhaps)
>> I ask because just about every 'security expert' and 'security whitepaper'
>> or 'security suggestions' has some portion that speaks to "why it's a
>> grand idea to have acl-lines/firewall-policy to block 'bogon' ip space"
>> (for some definition of 'bogon' of course).
>
> I suppose they're appropriate when done by network security 
> consultants, as it guarantees future / repeat business.  :)
>
I'll second this opinion, as most DDoS attacks are from zombies,
which are in registered networks.
In particular, I have never seen any traffic from so-called bogons. Perhaps
bogon ACLs are helpful when they are configured on the backbone, but not
everywhere.

just my 1E-10  cents :-)
--
With best regards,
    Gregory Edigarov
