Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

RE: filtering whitehouse.gov?

  • From: Matt Levine
  • Date: Sun Jul 22 00:28:24 2001

 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Moreover, bbn (whitehouse.gov's upstream) is blackholing it
themselves, why would you NOT blackhole it and waste your bw when
it's gonna get blackholed along the way anyway?



Matt

- --
Matt Levine
@Home: matt@deliver3.com
@Work: matt@eldosales.com
ICQ  : 17080004
PGP  : http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x6C0D04CF 

- -----Original Message-----
From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu] On Behalf
Of John Starta
Sent: Saturday, July 21, 2001 10:10 PM
To: jono@networkcommand.com
Cc: Andreas Plesner Jacobsen - Tiscali; nanog@nanog.org
Subject: Re: filtering whitehouse.gov?



At 04:29 PM 7/21/01 -0700, Jon O . wrote:
>On 22-Jul-2001, Andreas Plesner Jacobsen - Tiscali wrote:
>
> > No, since it is known that the provider hosting www1 and 
> > www2.whitehouse.gov has already blackholed www1, and 
> > www.whitehouse.gov only resolves to www2 now. And then there's
> > the  big difference between operational stability and poltical
> > stability,  of which operational is the primary concern to me at
> > least.
>
>Yes, because your fix is for this worm and luckily it only attacks 
>www1. The next one might not be so benign and blackholing routes is
>not  the answer. Also, it makes it harder to ID infected hosts so
>you can  fix them.

Blackholing routes doesn't prevent you from identifying possibility 
infected hosts. It simply means that you're not going to participate
in the 
abuse of anothers network and/or host. You can still log the traffic 
destine for the target.

jas


-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 7.0.3 for non-commercial use <http://www.pgp.com>

iQA/AwUBO1pVWcp0j1NsDQTPEQKQoACgzipHzlRlxWBkI+hbTcwaNbLeyUAAoNd0
UWLxY5wLzirdYfYQqzBj+Jzj
=KEGb
-----END PGP SIGNATURE-----





Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.