We've proposed what vendors need to better support bogon filtering, even wrote a draft: http://arneill-py.sacramento.ca.us/draft-py-idr-redisfilter-01.txt but last time I talked to a Cisco IOS person (which was just two weeks ago at IPv6 Summit), it still has not been done. Perhaps a couple more people who buy their hardware asking them about it will make a difference ...

On Fri, 3 Dec 2004, J. Oquendo wrote:
Considering the talk of banning going on, I was reluctant to post this, anyhow, I wondered how many (if any) have ever thought about the aspect of vendors deciding to implement some form of default bogon filtering on their products. With all of the talk about DoS botnets, and issues surrounding allocated address ranges (for whatever the purpose), I'm curious to know why a vendor like Juniper, or Cisco, or whomever doesn't implement a mechanism to automatically do the filtering. Wouldn't this minimize a vast amount of issues surrounding DoS attacks?
From an admin/user perspective, I would not mind having my equipment implement this as long as it was manageable to add/remove addresses on the fly. Perhaps a command line syntax:
ip bogon add add.res.s/8
or
ip bogon remove add.res.s/8
How much easier would it be for a NAP (per-se) to have their entire network configured properly to avoid having their network send malicious traffic out of their net?
I thought about it over and over, and wonder why this hasn't been done. Anyone care to beat me with a clue stick or two? I can understand the arguments of not wanting a vendor to have control of some aspect of my business, or control over my network, but correct me if I am wrong, wouldn't this solve a heck of a lot of issues concerning network based attacks, spam, scumware/spyware/fooware/$*something?
=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
J. Oquendo
GPG Key ID 0x51F9D78D
Fingerprint 2A48 BA18 1851 4C99 CA22 0619 DB63 F2F7 51F9 D78D
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x51F9D78D
sil @ politrix . org http://www.politrix.org
sil @ infiltrated . net http://www.infiltrated.net

"How can we account for our present situation unless we believe that men high in this government are concerting to deliver us to disaster?" Joseph McCarthy "America's Retreat from Victory"
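
Added example, not part of the original thread and not any vendor's implementation: a small Python model of a bogon list that can be edited at runtime with the `ip bogon add|remove` syntax suggested in the quoted post, and that checks source addresses by most specific match. The class and function names, the seed list and the sample addresses are assumptions made for this illustration.

```python
import ipaddress

# Constructed seed list: a few IPv4 special-use prefixes that should never
# show up as a source address on the public Internet.
SEED = ["0.0.0.0/8", "10.0.0.0/8", "127.0.0.0/8", "169.254.0.0/16",
        "172.16.0.0/12", "192.168.0.0/16", "224.0.0.0/3"]


class BogonTable:
    """Runtime-editable bogon list (hypothetical model of `ip bogon add|remove`)."""

    def __init__(self, prefixes=SEED):
        self.prefixes = {ipaddress.ip_network(p) for p in prefixes}

    def command(self, line):
        """Apply one line of the proposed syntax; reject anything else."""
        parts = line.split()
        if (len(parts) != 4 or parts[:2] != ["ip", "bogon"]
                or parts[2] not in ("add", "remove")):
            raise ValueError(f"unrecognized command: {line!r}")
        # strict=True refuses prefixes with host bits set, e.g. 10.1.2.3/8
        net = ipaddress.ip_network(parts[3], strict=True)
        if parts[2] == "add":
            self.prefixes.add(net)
        else:
            self.prefixes.discard(net)

    def match(self, source):
        """Return the most specific bogon prefix covering source, or None."""
        addr = ipaddress.ip_address(source)
        hits = [n for n in self.prefixes
                if n.version == addr.version and addr in n]
        return max(hits, key=lambda n: n.prefixlen, default=None)

    def permits(self, source):
        return self.match(source) is None


def demo():
    table = BogonTable()
    # 198.51.100.0/24 (a documentation range) stands in for a block that is
    # unallocated at first and later handed out: a constructed scenario.
    table.command("ip bogon add 198.51.100.0/24")
    before = table.permits("198.51.100.9")   # dropped while listed
    table.command("ip bogon remove 198.51.100.0/24")
    after = table.permits("198.51.100.9")    # accepted once delisted
    # 203.0.113.7 stands in for an ordinary allocated source address.
    return before, after, table.permits("10.44.0.1"), table.permits("203.0.113.7")
```

The `remove` path is the part that matters operationally: a prefix that stays on the list after it has been allocated silently drops legitimate traffic, which is why the list has to be editable without a software upgrade.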