North American Network Operators Group|
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical
Re: RBL-type BGP service for known rogue networks?
Dan Hollis wrote: >The BL wouldnt try to block floods or DoS attacks. Its aim is to block >sites which originate breakins. If break-ins is what you're trying to avoid, a blacklist would be a terrible idea. The proper way to prevent break-ins is not to block communications with certain sites, but to fix broken software and poorly configured systems so that any break-in attempts will be unsuccessful. A blacklist would only encourage your would-be attacker to employ additional intermediaries, thereby potentially causing more damage for more people while making the ultimate source more difficult to trace. It would also give operators a false sense of security, an attitude which could lead to thoughtless setups acting as havens for the very break-ins your proposed blacklist is intended to combat. Mark -- Do not reply directly to this e-mail address -- Mark Mentovai UNIX Engineer Gillette Global Network