Re: Where are static bogon filters appropriate? was: 96.2.0.0/16 Bogons

• Previous message: Sean Donelan: "Re: Where are static bogon filters appropriate? was: 96.2.0.0/16 Bogons"
• Maybe in reply to: Sean Donelan: "Re: Where are static bogon filters appropriate? was: 96.2.0.0/16 Bogons"
• Next in thread: Barry Greene (bgreene): "RE: Where are static bogon filters appropriate? was: 96.2.0.0/16 Bogons"
• Reply: Barry Greene (bgreene): "RE: Where are static bogon filters appropriate? was: 96.2.0.0/16 Bogons"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

http://www.completewhois.com/hijacked/files/203.27.251.0.txt

http://www.completewhois.com/hijacked/index.htm

This can proof the opposite.

Malware comes from redirected allocated blocks, not from bogons.

Kind regards
Peter and Karin

Sean Donelan wrote:
>
> On Fri, 2 Mar 2007, Daniel Senie wrote:
>
>> How do you know, if you're the one being attacked and you have no idea
>> if the originating network or their immediate upstream implemented
>> BCP38? Shall we just discard ingress filtering? If few attacks are
>> using it today, should we declare it no longer relevant? At the same
>> time we should ask if we should be x-raying shoes at the airport,
>> since there's only been one guy who tried to blow up his shoes. The
>> larger security question is, "do you stop looking for old threats
>> simply because they're not the most common threats?" How many CodeRed
>> packets flow over the Internet on a typical day? I assure you it's not
>> zero.
>
>
> Show me the data.
>
> How many CodeRed packets originate from unallocated addresses?
>
> Is the proposal actually effective at detecting or protecting against
> the threat? Or is it just a wasted effort for show?
>
> http://www.tsa.gov/press/happenings/kip_hawley_x-ray_remarks.shtm
>
> Instead of dropping packets with unallocated sources addresses, perhaps
> backbones should shutdown interfaces they receive packets from
> unallocated address space. Would this be more effective at both
> stopping the sources of unallocated addresses; as well as sources that
> spoof other addresses because the best way to prevent your interface
> from being shutdown by backbone operators is to be certain you only
> transmit packets with your source addresses.

-- 
Peter and Karin Dambier
Cesidian Root - Radice Cesidiana
Rimbacher-Strasse 16
D-69509 Moerlenbach-Bonsweiher
+49(6209)795-816 (Telekom)
+49(6252)750-308 (VoIP: sipgate.de)
mail: 
mail: 
http://iason.site.voila.fr/
https://sourceforge.net/projects/iason/
http://www.cesidianroot.com/

• Previous message: Sean Donelan: "Re: Where are static bogon filters appropriate? was: 96.2.0.0/16 Bogons"
• Maybe in reply to: Sean Donelan: "Re: Where are static bogon filters appropriate? was: 96.2.0.0/16 Bogons"
• Next in thread: Barry Greene (bgreene): "RE: Where are static bogon filters appropriate? was: 96.2.0.0/16 Bogons"
• Reply: Barry Greene (bgreene): "RE: Where are static bogon filters appropriate? was: 96.2.0.0/16 Bogons"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]