North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

RE: netscan.org update

  • From: Roeland M.J. Meyer
  • Date: Tue Sep 26 12:55:51 2000

> From: John Fraizer [mailto:[email protected]]
> Sent: Tuesday, September 26, 2000 9:43 AM
> 
> On Tue, 26 Sep 2000, Roeland M.J. Meyer wrote:
> 
> > Defense is a lot less socially antagonistic than offensively BGP
> > black-holing antire IP-blocks (which can get you seriously sued) and
> > creating more outages than we already have to suffer through.
> 
> Roeland,
> 
> The last time I checked, AS65535 (picked for obvious reasons) does not
> have a transit contract in place with my company and as such, has
> absolutely NO grounds to sue me if we choose to blackhole 
> routes to them
> at our borders.
> 
> No transit contract -- no guaranteed transit.  It's just that simple.

The operative would that I used was "can" and not "will". However, you
don't discount my statement about blackholing creating artificial
outages. I am proposing a more surgical response to the smurf threat.
One that in no way creates outages and may be more socially acceptable.

You also missed the point that a IP-block can pass the netscan.org test
and STILL be a smurf amp via it's subnets. The subnet bcast addrs aren't
hard to find.