From: (no name) (no email)
Date: Tue Jan 02 2007 - 21:52:26 EST
On Tue, 02 Jan 2007 17:02:02 PST, "Joy, Dylan" said:
> I'm curious if anyone can answer whether there has been any traction
> made relative to blocking egress traffic (via BGP) on US backbones which
> is destined to IP addresses used for fraudulent purposes, such as
> phishing sites.
>
> I'm sure there are several challenges to implementing this...
Well, there's the whole "collateral damage" issue - often, these things pop up
on hosting sites, where trying to null-route www.phishers-r-us.com will
also break access to several thousand other domains hosted on the same
set of hardware (notice that same exact issue of collateral damage ended
up derailing a Pennsylvania law regarding the blocking of sites hosting
child pornography).
Then there's the whole trust issue - though the Team Cymru guys do an awesome
job doing the bogon feed, it's rare that you have to suddenly list a new
bogon at 2AM on a weekend. And there's guys that *are* doing a good job
at tracking down and getting these sites mitigated, they prefer to get the
sites taken down at the source. I'm not sure they would *want* to be trying
to do a BGP feed.
> NOTICE: This communication and any attachments may contain privileged or
> otherwise confidential information.
After you post to NANOG, it's not confidential, no matter what your legal eagles
pretend.
|
|
|