|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical RE: RBL-type BGP service for known rogue networks?
But that's why we have human beings in the NOCs, no? As I'm mucking about with the Cisco Netranger/IDS on one of my networks, I've been able to winnow down the false-positives substantially, and am still working on improving its reliability further. I certainly don't think that intrusion-detection makes sense for the backbones and NAPs and so forth, but when you get closer to the traffic-orginator/requestor boundaries of the network, it becomes more feasible, does it not? -----Original Message----- From: John Kristoff [mailto:[email protected]] Sent: Friday, July 07, 2000 1:59 PM To: [email protected] Subject: Re: RBL-type BGP service for known rogue networks? [email protected] wrote: > Isn't that why some sort of intrusion/exploit-detection system integrated > with ACLs would perhaps be a better remedy? Dealing with false positives and "intentional" black holing would be a difficult thing to get right. It sounds like the MAPS approach someone mentioned earlier would be workable. John
|