North American Network Operators Group|
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical
RE: Please Check Filters - BOGON Filtering IP Space 22.214.171.124/19
On Wed, 16 Feb 2005, Kunjal Trivedi wrote: > Due to the feedback we've received on the Autosecure bogon list issue, we've > decided to do the following: > > 1) Provide a fix that removes bogon ACL creation and deployment from the > Autosecure feature. This change will be available in mainline and > maintenance software releases. For the software release details, please > refer to 2. > > 2) A Cisco Field Notice will be published to inform customers of the change > and will contain instructions on how to remove the bogon ACLs created by > executing the autosecure command. > > We'll update the list with the Field Notice URL as soon as it's available. > Tentative date for FN posting is 18th February 2005. The pendulum swings too far in the other direction. Martian addresses are relatively static, and might be good candidates for one-click security. If you see a 127.0.0.0/8 packet floating around, its probably up to no good. The objection is naive people assuming all the addresses on the list are the same, in particular what Team Cymru calls "Bogons." Bogon filters should only be configured by people who understand what they are doing. Bogon lists, as opposed to Martian lists, are probably not a good thing for cookbook security or one-click auto-configure.