North American Network Operators Group|
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical
Re: Is it time to abandon bogon prefix filters?
On Aug 7, 2008, at 2:04 PM, Pete Templin wrote:
Patrick W. Gilmore wrote:
Team Cymru offers many ways to set up filters, null routes, etc. See <http://www.team-cymru.org/Services/Bogons/ >.
Oh, and to answer Randy's question about how much actually comes from bogons, on that same page:
How much does it help to filter the bogons? In one study conducted by Rob Thomas of a frequently attacked site, fully 60% of the naughty packets were obvious bogons (e.g. 127.1.2.3, 0.5.4.3, etc.). A presentation based on that study, entitled "60 Days of Basic Naughtiness," can be viewed here. Your mileage may vary, and you may opt to filter more conservatively or more liberally. As always, you must KNOW YOUR NETWORK to understand the effects of such filtering.
I guess that means filtering bogons is useful.
-- TTFN, patrick