On Tuesday, Nov 5, 2002, at 15:22 Canada/Eastern, Eric Germann wrote:
Anyone want to admit privately (I'll summarize to the list) if they activelySpeaking as someone who used to operate networks in New Zealand, please take care not to blame the whole region for troublesome traffic originating from one or two countries. There is nothing people in NZ can do about network abuse in China or Korea.
filter certain partitions of APNIC space?
We did a little experiment the past couple of days and saw at 85% of our
port 13[5-9] scans, Code Red/Nimda/formmail attempts, etc. go out the door
by blackholing those networks in .cn and .kr.
Thoughts? Is it a valid thesis? I've seen the discussions for spam
mitigation, etc via DNS, but this is actually null routing all their
traffic.
Subject lines that read "Blackholing APNIC Routes" are best avoided, in my opinion, lest they give people ideas. In other news, despite what several large network operators might think, 202/7 is not "CHINANET" :)
Joe
