nanog mailing list archives
Re: ISP port blocking practice
From: Valdis.Kletnieks () vt edu
Date: Fri, 23 Oct 2009 01:29:01 -0400
On Thu, 22 Oct 2009 22:36:13 EDT, Jon Kibler said:
4) Never allow traffic to ingress any network if the source address is bogus.
4a) Never flag a source address as bogus unless you can verify it is bogus *today*, not when you installed the filter. Out of date bogon filters are evil.
Attachment:
_bin
Description:
Current thread:
- Re: ingress filtering and multiple Internet conenctions, (continued)
- Re: ingress filtering and multiple Internet conenctions Joe Maimon (Oct 25)
- Re: ingress filtering and multiple Internet conenctions Owen DeLong (Oct 25)
- Re: ingress filtering and multiple Internet conenctions Owen DeLong (Oct 25)
- Re: ISP port blocking practice Joe Provo (Oct 26)
- Re: ISP port blocking practice Joe Provo (Oct 25)
- Re: ISP port blocking practice Justin Shore (Oct 22)
- Re: ISP port blocking practice Jon Kibler (Oct 22)
- Re: ISP port blocking practice Steve Bertrand (Oct 22)
- Re: ISP port blocking practice Jon Kibler (Oct 23)
- Re: ISP port blocking practice Steve Bertrand (Oct 23)
- Re: ISP port blocking practice Steve Bertrand (Oct 22)
- Re: ISP port blocking practice Valdis . Kletnieks (Oct 22)
- Re: ISP port blocking practice a . harrowell (Oct 24)
- RE: ISP port blocking practice Keith Medcalf (Oct 24)