North American Network Operators Group
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Please Check Filters - BOGON Filtering IP Space 72.14.128.0/19

  • From: Bill Stewart
  • Date: Fri Jan 21 14:40:04 2005
  • Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:reply-to:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:references; b=uarIh0CKdWBWDHfM2p6HDNgoC0AEreCFZk39SLWoDf3AAQVzWx9GfdbkRhc4XsNSQfZ9BbbA6YeoDAitwj5dB1Ma9q+ph3gRCbMlpj8C+tqOGqi0byoKFeAwUdXv4sscCpNUB1gjkKo2Bz8Vm/lfTCAufhUGbbsIP+xAyWrQXrs=
On Thu, 20 Jan 2005 20:16:14 +0530, Suresh Ramasubramanian
<[email protected]> wrote:
> Analogies suck, but look at (for example) Norton AntiVirus.  You pay
> for a year of virus definition updates.  Then when the year runs out,
> Symantec is not going to give you a single new virus definition even
> if there's a new worm around that dwarfs Sobig, Klez and all the other
> viruses put together ...  I can see brand C following a similar
> strategy with their bogon updates.

The problem with this analogy is that the failure modes are opposite.
Once something is a virus, it stays a virus, so keeping it in your
virus file forever is fine;
all you miss are the new viruses.
But once something is a bogon, it doesn't stay a bogon; it eventually
will get used,
unless the Great IPv6 Revolution catches up with us first.
A slightly more conservative approaches is to not list the next couple
of address blocks
as bogons, but that just means that problems will occur six months
later when everybody's forgotten to update them.
----
             Thanks;     Bill

Note that this isn't my regular email account - It's still experimental so far.
And Google probably logs and indexes everything you send it.