On Thu, 01 Mar 2007 14:22:37 +0000 (GMT) "Chris L. Morrow" <[EMAIL PROTECTED]> wrote:
> > On Thu, 1 Mar 2007, Jon Lewis wrote: > > > On Wed, 28 Feb 2007, Eric Ortega wrote: > > > > > I'd like to thank the group for the responses and help with this > > > issue. I find it ironic that Randy's study actually uses 96 space. > > > > The amazing/sad thing is that people have been facing and fixing > > the same problem for more than 4 years. How many times does a > > network have to fix their static bogon filters before coming to the > > realization that those filters are a bad idea? > > So, where are static bogon filters appropriate? (loaded question > perhaps) I ask because just about every 'security expert' and > 'security whitepaper' or 'security suggestions' has some portion that > speaks to "why it's a grand idea to have acl-lines/firewall-policy tp > block 'bogon' ip space" (for some definition of 'bogon' of course). > Well, not all of us advocate that; see http://www.merit.edu/mail.archives/nanog/2006-01/msg00150.html --Steve Bellovin, http://www.cs.columbia.edu/~smb
