North American Network Operators Group|
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
- From: Sabri Berisha
- Date: Sat Jul 21 18:38:18 2001
A couple of days ago I mentioned here that I have nullrouted the IP which
whitehouse.gov resolves to. After that I received some mail in private
mentioning not only the fact that I filtered the wrong IP (that's fixt
now) but also the dangers of posting about such a thing here. "Hey, he
nullroutes them, let's do it too!".
My decision to nullroute whitehouse.gov was based on the following:
- the traceroute from my net to whitehouse.gov goes through AT&T which
means that any DoS packets originating from our network will affect that
- my customerbase is not that type that would visit whitehouse.gov
frequently nor would whitehouse.gov (if coming from that IP as a source)
be interested in any of my customers;
- most of the boxes in our network have a 100mbit/s nic in their box. Our
main uplink is a STM-1 at the moment so if a colocated NT box would be
compromised, that would give a huge effect. Imagine what would happen if 2
or three boxes are infected.
After careful consideration we (our engineering team and the CEO) decided
we would not want to be a part of any attacks against the US government or
any other network.
If you have any reasons to believe you need to blackhole whitehouse.gov
please do so, but don't blackhole just because others do it as well.
/* Sabri Berisha CCNA,BOFH,+iO O.O speaking for just myself
* Join HAL!!: www.HAL2001.org ____oOo_U_oOo____ http://www.bit.nl/~sabri
* "We deliver quality services, we just can't get it on the internet"
* Anonymous sysadmin - on IRC */