Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

RE: filtering

  • From: Matt Levine
  • Date: Sun Jul 22 00:28:24 2001

Hash: SHA1

Moreover, bbn ('s upstream) is blackholing it
themselves, why would you NOT blackhole it and waste your bw when
it's gonna get blackholed along the way anyway?


- --
Matt Levine
ICQ  : 17080004
PGP  : 

- -----Original Message-----
From: [] On Behalf
Of John Starta
Sent: Saturday, July 21, 2001 10:10 PM
Cc: Andreas Plesner Jacobsen - Tiscali;
Subject: Re: filtering

At 04:29 PM 7/21/01 -0700, Jon O . wrote:
>On 22-Jul-2001, Andreas Plesner Jacobsen - Tiscali wrote:
> > No, since it is known that the provider hosting www1 and 
> > has already blackholed www1, and 
> > only resolves to www2 now. And then there's
> > the  big difference between operational stability and poltical
> > stability,  of which operational is the primary concern to me at
> > least.
>Yes, because your fix is for this worm and luckily it only attacks 
>www1. The next one might not be so benign and blackholing routes is
>not  the answer. Also, it makes it harder to ID infected hosts so
>you can  fix them.

Blackholing routes doesn't prevent you from identifying possibility 
infected hosts. It simply means that you're not going to participate
in the 
abuse of anothers network and/or host. You can still log the traffic 
destine for the target.


Version: PGPfreeware 7.0.3 for non-commercial use <>


Discussion Communities

About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home

Merit Network, Inc.