nanog mailing list archives
Re: BGP list of phishing sites?
From: Paul Vixie <vixie () vix com>
Date: 28 Jun 2004 05:14:16 +0000
So what I was curious about is would there be interest in a BGP feed (like the DNSBLs used to be) to null route known malicious sites like that?
i dunno much about this new-fangled "DNSBL" thing you speak of, but the original MAPS RBL is still alive and well and available by BGP. the fine folks now running MAPS include Dave Rand (my co-founder) and if you visit their web site (www.mail-abuse.org) you can probably figure out how to sign up for it. there's a fee involved, but there are lawyers involved, and those two things seem to come in pairs.
I'm sure there is; but I'm slightly worried that transit networks may be tempted to subscribe to such a feed and in essence start censoring their customer's access to the net.
we (speaking for the original MAPS which i still had a hand in operating) faced that from most bgp-subscribing customers. there are easy workarounds.
Also, an "easy fix" like this may lower the pressure on the parties who are really responsible for allowing this to happen: the makers of insecure software / insecure operational procedures (banks!) and gullible users.
actually, a bgp feed of this kind tends to supply the "missing causal vector" whereby someone who does something sloppy or bad ends up suffering for it.
Fixing layer 7+ problems at layer 3 just doesn't work and leads to significant collateral damage in the long run.
that's what everybody always said about MAPS but it didn't happen. the internet is very survivable and the necessary traffic always finds a way to get through. fixing layer >7 problems by denying layer 3 service has indeed proven to be the only way to get remote CEO's to care (or notice). -- Paul Vixie
Current thread:
- BGP list of phishing sites? Scott Call (Jun 27)
- Re: BGP list of phishing sites? Christopher L. Morrow (Jun 27)
- Re: BGP list of phishing sites? Iljitsch van Beijnum (Jun 27)
- Re: BGP list of phishing sites? Paul Vixie (Jun 27)
- Re: BGP list of phishing sites? Website behind Net attack offline Henry Linneweh (Jun 27)
- Re: BGP list of phishing sites? Stephen J. Wilcox (Jun 28)
- Re: BGP list of phishing sites? Patrick W Gilmore (Jun 28)
- Re: BGP list of phishing sites? Dan Hollis (Jun 28)
- Re: BGP list of phishing sites? Patrick W Gilmore (Jun 28)
- Re: BGP list of phishing sites? Edward B. Dreger (Jun 28)
- Re: BGP list of phishing sites? Christopher L. Morrow (Jun 28)
- Re: BGP list of phishing sites? Michael . Dillon (Jun 29)
- Re: BGP list of phishing sites? Dan Hollis (Jun 29)
- Re: BGP list of phishing sites? Patrick W Gilmore (Jun 28)
- <Possible follow-ups>
- Re: BGP list of phishing sites? Paul Vixie (Jun 28)