|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical RE: Defeating DoS Attacks Through Accountability
Barry Raveendran Greene wrote: >> I'll put it this way: filtering should be done against blocks that a >> customer can announce, not against blocks that a customer is actively >> announcing. If you're filtering purely against current advertisements, >> you're bound to break something sooner or later. > >Good theory. But what one public source do all the ISP agree to validate the >authority to announce? Regional IP address allocating bodies - in other words, ARIN. If you aren't listed as responsible for the block in question, you should either have the information updated (SWIP or rwhois) or obtain written authorization from a representative of the organization controlling the block. It's far from perfect because enthusiasm for providing accurate data via SWIP and rwhois doesn't really exist as it should, but it's probably the best anyone can come up with. Perhaps putting SWIP and rwhois data to a good use such as this would increase awareness of it and cause the databases to become more appropriately populated. Mark
|