North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Bogon filtering (don't ban me)

  • From: Patrick W Gilmore
  • Date: Sun Dec 05 15:13:39 2004

On Dec 5, 2004, at 3:08 PM, Mikael Abrahamsson wrote:

On Sun, 5 Dec 2004, Jørgen Hovland wrote:

Blocking bogons will result in that attackers use existing netblocks
instead. This will again result in more insecureness since any attack will
If the people making attack code would stay out of 224.0.0.0/4 space (both
for dest and src) it would be a big improvement.
And if the people making attack code were forced to use real IP address, or, put another way, if you could guarantee that the source IP address on an attack packet was the actual source of the attack, it would help in tracking attacks.

Before you say "we know where bot-net attacks are originating, but cannot get them to stop", that is another problem. As Rob said, problems are solved in steps, not with one wave of the magic wand. And saying "step one won't solve the problem so we shouldn't even start" is not, IMHO, a good idea.

--
TTFN,
patrick