On Wed, Mar 10, 2004 at 06:43:33PM +1100, Damien Miller wrote: > On Tue, 9 Mar 2004, Claudio Jeker wrote: > > > The best sollution is to have a full view (with no default route) via bgp > > and use no-route. So you get a auto-update bogon filter. It is more > > accurate than those lists because it is live and knows about the not > > announced but IANA allocated blocks. > > How does that help? Abusers use BGP to advertise reachability to those > blocks in the first place, so they are in the routing table. And, BGP > doesn't include WHOIS information to determine a given block's allocation > status. >
If abusers use BGP to advertise reachability your in big trouble because then your list wont help you neither. If you can advertise a non allocated block you can also advertise a allocated but not announced block. There are many companies that own public IP blocks but don't announce then. -- :wq Claudio
