On Thu, 1 Mar 2007, Jon Lewis wrote:
On Thu, 1 Mar 2007, Chris L. Morrow wrote:
So, where are static bogon filters appropriate? (loaded question perhaps) I ask because just about every 'security expert' and 'security whitepaper' or 'security suggestions' has some portion that speaks to "why it's a grand idea to have acl-lines/firewall-policy tp block 'bogon' ip space" (for some definition of 'bogon' of course).
I suppose they're appropriate when done by network security consultants, as it guarantees future / repeat business. :)
ah-ha! but seriously, is this something an NSP/ISP should be doing? or is this an enterprise function? or MSSP function? Are there standard tools available to notify folks when changes occur? (aside from: "go check iana.org website" or "golly traffic's not flowing anymore") -Chris