11 Mar
2004
11 Mar
'04
6:16 p.m.
On Thu, 11 Mar 2004, Laurence F. Sheldon, Jr. wrote:
Petri Helenius wrote:
Maybe there is a lesson to be learned from many RBL operators. To make sure, just send packets to the whole /24 or /16 you got an "attack" packet from.
Which RBL operators flood /24's or /16's? What do they flood them with?
I think he meant that RBLs sometimes include entire /24 in RBL list when only one or two ips are at fault and some would go even highier to include entire ISP allocation. This is probably talking about SPEWs and alike RBLs -- William Leibzon Elan Networks william@elan.net