North American Network Operators Group
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Historical
Re: Blackholing APNIC Routes (or a subset of)
- From: Joe Abley
- Date: Tue Nov 05 15:54:41 2002
On Tuesday, Nov 5, 2002, at 15:22 Canada/Eastern, Eric Germann wrote:
Anyone want to admit privately (I'll summarize to the list) if they
actively
filter certain partitions of APNIC space?
We did a little experiment the past couple of days and saw at 85% of
our
port 13[5-9] scans, Code Red/Nimda/formmail attempts, etc. go out the
door
by blackholing those networks in .cn and .kr.
Thoughts? Is it a valid thesis? I've seen the discussions for spam
mitigation, etc via DNS, but this is actually null routing all their
traffic.
Speaking as someone who used to operate networks in New Zealand, please
take care not to blame the whole region for troublesome traffic
originating from one or two countries. There is nothing people in NZ
can do about network abuse in China or Korea.
Subject lines that read "Blackholing APNIC Routes" are best avoided, in
my opinion, lest they give people ideas. In other news, despite what
several large network operators might think, 202/7 is not "CHINANET" :)
Joe
|
