[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Team Cymru / Spamhaus

Subject: Team Cymru / Spamhaus
From: jlewis at lewis.org (Jon Lewis)
Date: Fri, 27 Jun 2014 16:40:12 -0400 (EDT)
In-reply-to: <[email protected]>
References: <[email protected]>

On Fri, 27 Jun 2014, Adam Greene wrote:

> We're evaluating whether to add BGP feeds from these two sources in attempt
> to minimize exposure to DoS.
>
> The Team Cymru BOGON list (
>
> http://www.team-cymru.org/Services/Bogons/bogon-bn-nonagg.txt or
>
> http://www.team-cymru.org/Services/Bogons/bogon-bn-agg.txt

These really won't do anything to stop DoS attacks.  Common DDoS attack 
traffic these days comes via reflection from non-spoofed sources replying 
to a spoofed public IP target.

> http://www.team-cymru.org/Services/Bogons/fullbogons-ipv4.txt

Same here.  Whether or not its worth null routing unallocated IP space may 
be debatable, but again, it't not going to help protect you from a 
typical real DDoS.

> We're a little more leery about trying Spamhaus's BGPf service (DROP, EDROP
> and BCL,
>
> http://www.spamhaus.org/bgpf/

This is more about stopping spam from entering your network and stopping 
compromised hosts on your network from becoming active in botnets (by 
cutting off their command and control).

----------------------------------------------------------------------
  Jon Lewis, MCP :)           |  I route
                              |  therefore you are
_________ http://www.lewis.org/~jlewis/pgp for PGP public key_________

Follow-Ups:
- Team Cymru / Spamhaus
  - From: matthias at leisi.net (Matthias Leisi)
- Team Cymru / Spamhaus
  - From: contact at winterei.se (Paul S.)

References:
- Team Cymru / Spamhaus
  - From: maillist at webjogger.net (Adam Greene)

Prev by Date: Team Cymru / Spamhaus
Next by Date: Team Cymru / Spamhaus
Previous by thread: Team Cymru / Spamhaus
Next by thread: Team Cymru / Spamhaus
Index(es):
- Date
- Thread