Re: Packet Kiddies Invade NANOG

• From: David Barak
• Date: Tue Mar 16 09:10:25 2004

--- [email protected] wrote:

> Assuming that they are not sourcing the attacks
> in Banetele's AS, then you, the peer of Banetele
> are delivering the packet stream that kills the
> BGP session. How long before peering agreements
> require ACLs in border routers so that only BGP 
> peering routers can source traffic destined to
> your BGP speaking routers?

Even better is to seperate the control plane from the
forwarding plane, and ensure that the control plane of
a given router cannot be spoken to by anyone who is
not either internal or a direct BGP peer.  Why permit
garbage to touch your network?  

-David Barak
-Fully RFC 1925 Compliant-

=====
David Barak
-fully RFC 1925 compliant-

__________________________________
Do you Yahoo!?
Yahoo! Mail - More reliable, more storage, less spam
http://mail.yahoo.com

• References:
  • Re: Packet Kiddies Invade NANOG Michael.Dillon

• Prev by Date: RE: 2001:590::/32 announced by both AS4436 (nLayer) and AS4474(Global Village, no contact in whois, but seems to be nLayer...)
• Next by Date: RE: 2001:590::/32 announced by both AS4436 (nLayer) and AS4474(Global Village, no contact in whois, but seems to be nLayer...)
• Date Index
• Thread Index
• Author Index
• Historical