nanog mailing list archives
Re: Global Blackhole Service
From: Justin Shore <justin () justinshore com>
Date: Mon, 16 Feb 2009 17:09:49 -0600
Jens Ott - PlusServer AG wrote:
Therefore I had the following idea: Why not taking one of my old routers and set it up as blackhole-service. Then everyone who is interested could set up a session to there and
I do something similar on our network with a RTBH trigger router. I peer with it from my edges that are capable of handling that many BGP routes. I feed into it hosts that scan our networks looking for running SSH daemons and open proxies on specific default ports. With uRPF on all our edges it will drop traffic whether the target IP is the source or the destination. Works slick.
The Cisco Press "Router Security Strategies" book has good examples. A trustworthy source for BGP blacklists of sorts would be an excellent thing IMHO. I'd love to be able to reliably drop traffic from malicious hosts before they scan our network and end up in my netflow logs. Trust would be a big issue though.
Justin
Current thread:
- Re: cogent issues, (continued)
- Re: cogent issues Michal Krsek (Feb 16)
- Re: cogent issues neal rauhauser (Feb 16)
- Re: cogent issues Marshall Eubanks (Feb 16)
- Re: cogent issues Ran Liebermann (Feb 16)
- Re: Global Blackhole Service Matthew Moyle-Croft (Feb 14)
- Re: Global Blackhole Service Florian Weimer (Feb 13)
- Re: Global Blackhole Service Randy Bush (Feb 13)
- Re: Global Blackhole Service Tico (Feb 13)
- RE: Global Blackhole Service Barry Raveendran Greene (Feb 13)
- Re: Global Blackhole Service John Kristoff (Feb 14)
- Re: Global Blackhole Service Justin Shore (Feb 16)
- Re: Global Blackhole Service Nuno Vieira - nfsi telecom (Feb 13)
- Re: Global Blackhole Service Suresh Ramasubramanian (Feb 13)
- Re: Global Blackhole Service Paul Vixie (Feb 13)
- Re: Global Blackhole Service Jack Bates (Feb 13)
- Re: Global Blackhole Service Paul Vixie (Feb 13)
- Re: Global Blackhole Service Chris Jester (Feb 13)
- Re: Global Blackhole Service Jack Bates (Feb 13)
- Re: Global Blackhole Service Jens Ott - PlusServer AG (Feb 13)
- Re: Global Blackhole Service Paul Vixie (Feb 14)
- Re: Global Blackhole Service Jens Ott - PlusServer AG (Feb 15)