On Fri, Nov 26, 2004 at 01:02:27AM -0500, alex@pilosoft.com wrote:
On Fri, 26 Nov 2004, Suresh Ramasubramanian wrote:
Possibly, whoever are the vendors of software that recommends this practice (and authors of security handbooks) should be show the error of their ways?
Never heard of a particular software vendor nor security author disctating it, but then perhaps that's because some of us set things up based on real experience and don't always see those who come after.
I dare to say that even without wholesale BCP38 implementation, benefit of bogon-filtering unallocated space is tiny compared to cost of lost connectivity due to the filters that aren't updated.
That's a change mgmt complaint, not a bogon filter complaint. There are many many many of us who experience concrete benefits and zero problems WRT bogon filters. I suspect those stating there's no benefit never actually used them. Vote with your wallet, etc etc. -- RSUC / GweepNet / Spunk / FnB / Usenix / SAGE