Re: Information re: Cyberpromo

[Nathan Stratton <nathan () netrail net>]

On Mon, 2 Jun 1997, Danny McPherson wrote:

> > Was that some wrappered service? Looked like tcp_wrappers.
> > I think a router with enough memory would be a better performer
> > for filtering activies at that layer.
> >
> > I did go ahead and install the relay denial rulesets published on 
> > sendmail.org for 8.8.x and they work fine. Cyberpromo appears to 
> > have been using "Cyberbomber" on our ports. 
> >
> > I guess I'm naive, but I thought NAPS wanted to stop this kind  
> > of thing, and most had explicit rules about it. Guess not. Back to
> > the clue-store with me. :-/
>
> are you suggesting that providers filter /16's because they were spammed from 
> a host in some tiny portion of the block..?  i'd bet it wouldn't take two 
> days, much less two weeks, to receive complaints from our own customer's (or 
> any moderately large provider's) for that sorta thing...
>
> one semi-solution would be to receive vixie's spam feed, at least it's as 
> precise as possible .. and less headache.

Not just /16, but all of AGIS IP space.

Nathan Stratton                                President, NetRail,Inc.
------------------------------------------------------------------------
Phone   (888)NetRail                           NetRail, Inc.
Fax     (404)522-1939                          230 Peachtree Suite 500
WWW     http://www.netrail.net/                Atlanta, GA 30303
------------------------------------------------------------------------
"No king is saved by the size of his army; no warrior escapes by his
great strength.                                        - Psalm 33:16