|
| |
| | Bogon filtering - Wikipedia, the free encyclopedia |
 | | Bogons can be filtered by using router ACLs, or by BGP blackholing. | | | The term "bogon" stems from hacker jargon, where it is defined as the quantum of "bogosity", or the property of being bogus. | | | A bogon packet is frequently bogus both in the conventional sense of being forged for illegitimate purposes, and in the hackish sense of being incorrect, absurd, and useless. |
|
http://en.wikipedia.org/wiki/Bogon_filtering
(235 words)
|
|
| |
| | [No title] |
| | Proposed extensions to Outbound Route Filtering When a router announces the ORF send capability, the filter information received by the peer MAY be given a manually configured name that MAY be re-used in other parts of the router's configuration instead of the router generating a name automatically. | | | Filters maybe configured manually using prefix-lists or as-path lists may be distributed dynamically by BGP and there are 3 basic ways to do it then. | | | The idea is to re-use the ORF mechanism to propagate prefix-lists and as-path lists to other peers, not for the purpose of filtering the routes sent to a peer and their associated handling but for the purpose of filtering inbound routes announced or received to/from other peers of the receiving ORF router. |
|
http://arneill-py.sacramento.ca.us/draft-py-idr-redisfilter-01.txt
(1843 words)
|
|
| |
| | ISP Column - May 2004 |
| | The bogon beacons are a reasonable approach to the problem of identifying the location of poorly maintained bogon filters. | | | This kind of bogon filter, based on IANA data, has a role in deployed networks where it appears to server a role of catching inadvertent leakage of private use number space into the public domain. | | | This type of bogon list is getting too big to be installed easily on routers, and, as it changes in detail each day as each RIR performs further allocations, there is a requirement to set up elaborate scripts that operate a frequent intervals. |
|
http://www.potaroo.net/papers/isoc/2004-04/bogons.html
(3982 words)
|
|
| |
| | [fw-wiz] RE: Why blocking bogons buys you nothing (Mikael Olsson) |
| | The idea of blocking bogons is to do it as close as possible to the source, not the other way around. | | | No one should place any static bogon filters in their network if they are not prepared to manage and maintain them. | | | Unicast RPF (sometimes combined with bogon filtering when in loose mode) raises the bar even higher on core routers. |
|
http://honor.icsalabs.com/pipermail/firewall-wizards/2003-November/015630.html
(1091 words)
|
|
| |
| | The Team Cymru Bogon Reference Page |
| | All of the IPs within a bogon prefix are covered by the zone file, which uses wildcard matches to properly respond to queries within a bogon prefix. | | | This gives an example of BIND filtering for the bogons in DNS queries. | | | The objects can be queried via the RADb web interface as well. |
|
http://www.cymru.com/Bogons
(1050 words)
|
|
| |
| | Bogon filtering, was Re: Telus (AS852) problems ? |
| | Bogon filtering, was Re: Telus (AS852) problems ? | | | Folks can find the latest bogon list here: http://www.cymru.com/Documents/bogon-list.html Please take a few moments to read the list and adjust your filters accordingly. | | | Subject: Bogon filtering, was Re: Telus (AS852) problems ? |
|
http://www.atm.tut.fi/list-archive/nanog/msg14189.html
(123 words)
|
|
| |
| | Quantum bogodynamics - Wikipedia, the free encyclopedia |
| | There are bogon sources (such as politicians, used-car salesmen, TV evangelists, and suits in general), bogon sinks (such as taxpayers and computers), and bogosity potential fields. | | | Article based on quantum bogodynamics (etc) at FOLDOC, used with permission. | | | Bogon absorption causes human beings to behave mindlessly and machines to fail (and may also cause both to emit secondary bogons); however, the precise mechanics of bogon-computron interaction are not yet understood. |
|
http://www.wikipedia.org/wiki/Bogon
(268 words)
|
|
| |
| | IBM --- Bogon filtering |
| | However, the trouble is that the list of bogon > > networks is static, and in fact includes 70/8 among many > > others. | | | I have been peering with them from our sink > hole/black hole trigger router, for a while now, and I no longer need to > manually update the files. | | | > > > > A better implementation would be for vendors to include a > > "bogon-subscribe server x.x.x.x" feature, which would simply > > allow a router to talk to a centralized bogon server. |
|
http://www.cctec.com/maillists/nanog/current/msg06076.html
(294 words)
|
|
| |
| | ENEMY OF THE STATE |
| | Unlike static packet filtering, which examines a packet based on the information in its header, stateful inspection tracks each connection traversing all interfaces of the firewall and makes sure they are valid. | | | Bear in mind, I'm aware of Bogon filtering (http://www.cymru.com/Bogons/) but know offhand many do not bother to implement filtering. | | | An example of a stateful firewall may examine not just the header information but also the contents of the packet up through the application layer in order to determine more about the packet than just information about its source and destination. |
|
http://www.infiltrated.net/enemyofthestate.html
(975 words)
|
|
| |
| | Maxthon Forum -> Bogon filters blocking access to this site. |
| | to ensure that they are not performing buggy bogon filtering. | | | have out of date bogon filters as there are many sites on their Network | | | you check the bogon filters on your customer sites where possible, |
|
http://forum.maxthon.com/forum/index.php?showtopic=19271
(870 words)
|
|
| |
| | Secure BIND Template v5.0 30 JUN 2005 Rob Thomas robt@cymru.com |
| | Technicality: Our bogon ACL would block all queries from hosts in the 7.7.7.0/24 netblock. | | | This is an example only, after all, so please do not use 7.7.7.0/24 as your internal netblock, and do not remove 7.7.7.0/24 from the bogon ACL list. | | | // Deny anything from the bogon networks as |
|
http://www.cymru.com/Documents/secure-bind-template.html
(2123 words)
|
|
| |
| | Outblaze Limited - |
| | In addition to rate-limiting, filtering mail on the outbound servers to ensure that there are no worms is one way of limiting the damage that email worms can cause. | | | For example, if a router carries traffic for 192.0.20.0/24 and originates 192.168.0.0/16, then it should allow only packets destined for those IP blocks into the network (ingress filtering). | | | The router should be configured to allow traffic for the IP blocks it routes or originates, and no others. |
|
http://outblaze.com/main.php?id=antispam&page=anti_infoadmin
(537 words)
|
|
| |
| | EDI Resources & Discussions - EC/EDI, Inc. |
| | do for you) and routers filter based on the contents of the routing | | | > > announcements, so there is no longer any need to perform bogon filtering | | | S-BGP and soBGP will not solve the problem |
|
http://www.ecediltd.com/la/nanog@merit.edu/0947.html
(284 words)
|
|
| |
| | Re: Bogon filtering (don't ban me) |
| | However, allow me to contradict myself by taking the position that it's better for us network operators to do bogon filtering so our customers don't have to, rather than have any fool with an ipfw or similar shoot himself in the foot. | | | The preferred way to do this would be uRPF. | | | So there is no need to use bogon lists. |
|
http://www.cctec.com/maillists/nanog/current/msg06165.html
(327 words)
|
|
| |
| | Re: Bogon filtering |
| | On Fri, 2004-12-03 at 00:53 -0500, J. Oquendo wrote: > > Considering the talk of banning going on, I was reluctant to post this, > anyhow, I wondered how many (if any) have ever thought about the aspect of > vendors deciding to implement some form of default bogon filtering on their > products. | | | With all of the talk about DoS botnets, and issues surrounding > allocated address ranges (for whatever the purpose), I'm curious to know > why a vendor like Juniper, or Cisco, or whomever doesn't implement a > mechanism to automatically do the filtering. | | | There is one thing though which is somewhat a problem with these setups, one has to trust the source of the filters, they are technically controlling your network, who you talk to and who not. |
|
http://www.cctec.com/maillists/nanog/current/msg06047.html
(309 words)
|
|
| |
| | bogon filtering question |
| | More information on bogon filter versions : = | | | Please can you investigate this problem & remove/update this static = | | | bogon list from your router/web server, as you filtering a 'live ' block = |
|
http://www.redhatconfig.com/msg/81376.html
(310 words)
|
|
| |
| | Forums » Netopia/Cayman » WAN side bogon spoof |
| | Filtering at that level is very expensive on the core routers. | | | Also curious why SBC isn't doing any bogon filtering too. | | | It does appear that the Cayman blocked it because I got the spoof warning in the logs, but the fact that someone knew to try the 192.168.2.* address space makes me wonder what kind of information is available from the WAN side of the Cayman. |
|
http://text.dslreports.com/forum/remark,11649387~mode=flat
(242 words)
|
|
| |
| | bogon - OneLook Dictionary Search |
| | bogon : Free On-line Dictionary of Computing [home, info] | | | Phrases that include bogon: bogon filter, bogon filtering, bogon flux | | | Tip: Click on the first link on a line below to go directly to a page where "bogon" is defined. |
|
http://www.onelook.com/cgi-bin/cgiwrap/bware/dofind.cgi?word=bogon
(87 words)
|
|
| |
| | OISec » Bogon filtering using BGP bogon route servers |
| | The problem with this approach is that whenever an address block is delegated by IANA to a RIR this list has to be updated manually. | | | Unless my understanding of the route-map is not 100%, this effectively shows that the CYMRU approach has no use whatsoever and static prefix-lists are the way to go. | | | The case that a more-specific bogon is announced is more common then that an entire /8 network is announced, so I think the bogon server is absolutely no solution for this problem, unless they are going to announce it in de-aggregates of say /27 it has some effect. |
|
http://mt.oisec.net/archive/2004/12/03/bogon_filtering_using_bgp_bogo
(421 words)
|
|
| |
| | Riverstone Networks Configuration Database: Bogon Filtering With BGP |
| | Since this filter is rather large, performance tests were completed to show the effects on a router. | | | Riverstone Networks Configuration Database: Bogon Filtering With BGP | | | When the IANA allocates new address space to one of the regional registries, ARIN, RIPE or APNIC an operation message is sent out to various operational mailing lists operated by each of the registries as well as lists such as NANOG, APRICOT, JANOG and others. |
|
http://www.riverstonenet.com/support/configdb/0038.html
(238 words)
|
|
| |
| | RIPE Draft Documents |
| | Recently users of first allocations out of new blocks have experienced problems and aired them on lists like NANOG and in the press. | | | The Regional Internet Registries (RIRs) just distribute the address space and can make no claims whatsoever about route-ability because this is clearly in the domain of ISPs and other network operators. | | | The "reach" of these announcements can then be determined by analysing routing data observed on the Internet: the distribution of routes to the pilot prefixes can be compared with the distribution of regular production prefixes; significant differences can be analysed to determine ISPs that are still filtering routing announcements from the new block. |
|
http://www.ripe.net/ripe/draft-documents/deboganising-draft.html
(735 words)
|
|
| |
| | Nanog 0309: Re: What were we saying about edge filtering? |
| | > better at it, and if they were using the filters, then there would be | | | > > Source address-based filtering in the backbone is expensive and, in | | | unwilling to filter even the most blatant of bogons |
|
http://irbs.net/internet/nanog/0309/0257.html
(322 words)
|
|
| |
| | [nsp] Bogon Addresses |
| | Does anyone > of you use this solution to filter bogon addresses? | | | http://www.cymru.com/Bogons/ are offering an > automated solution using BGP perring to filter boggon addresses. | | | M.Palis wrote: > We are in the proccess of filtering bogon addresses in an effort to > minimize DoS attacks. |
|
http://puck.nether.net/pipermail/cisco-nsp/2003-October/006217.html
(130 words)
|
|
| |
| | discuss@charon: 78590-78610 in North American Network Operators' Group |
| | [78597] Joe Provo Re: Obsolete bogon filtering [78598] Hannigan, Martin RE: IRC bots... | | | [78592] Jay R. Ashworth Re: Obsolete bogon filtering [78593] Fergie (Paul Ferguson) IRC bots... | | | [78590] Jon Lewis Re: Obsolete bogon filtering [78591] David Lesher Re: Fire Code/UFC Regs? |
|
http://diswww.mit.edu/charon/nanog?-78610
(101 words)
|
|
| |
| | Red Hat General -- Re: bogon filtering question |
| | In earlier versions of shorewall the file may be located in /etc/shorewall. | | | If you were using "shorewall" you'd look in /usr/share/shorewall and check the "bogons" file. | | | Please can you investigate this problem and remove/update this static = bogon list from your router/web server, as you filtering a 'live' block = of IP! |
|
http://www.spinics.net/lists/redhat/msg76945.html
(224 words)
|
|
| |
| | Nanog 0207: Re: rewars/benefit bogon filters |
| | Maybe in reply to: jnelson: "rewars/benefit bogon filters" | | | they were generating before even minus RPF filters. | | | Personally I'd almost rather keep the extra 40% of the attack and have the |
|
http://irbs.net/internet/nanog/0207/0266.html
(294 words)
|
|
| |
| | Lycos Search Results: web results for bogon 1 thru 10 of 28,000 |
| | The Team Cymru Bogon Reference Page -- secure templates for routers. | | | This list is designed to be a one-way mechanism for announcing new IPv4 and ASN allocations. | | | Lycos Search Results: web results for bogon 1 thru 10 of 28,000 |
|
http://search.lycos.com/?lpv=1&loc=searchhp&query=bogon
(245 words)
|
|
| |
| | Re: Bogon filtering (don't ban me) - ReadList.com |
| | Looking for some program that will do this... | | | How many backbones here are filtering the makel... | | | > > can pick which ones they want to filter. |
|
http://readlist.com/lists/trapdoor.merit.edu/nanog/1/7488.html
(125 words)
|
|
| |
| | [nsp] IP Ranges 83.0.0.0/8 and 84.0.0.0/8 |
| | Perhaps the strategy of pushing the idea of filtering to admins needs to be tweaked slightly to avoid suggesting any static configurations.. | | | there are a huge number of sites displaying old bogon data. | | | Hi Rob, try googling for some common terms that might throw up filters.. |
|
http://puck.nether.net/pipermail/cisco-nsp/2004-March/009119.html
(223 words)
|
|
| |
| | [nylug-talk] Interesting test |
| | Or at least more than just egress filtering of rfc1918 and bogon lists (yes, bogon filtering can filter inbount, too. | | | This tests slightly more than just bogon filtering though. | | | > > Too bad bogon filtering is an ugly, mismanaged mess (hard-coded lists, > extremely infrequently updated lists, etc) that results in some fairly > significant problems sometimes for recipients of new block allocations. |
|
http://www.nylug.org/pipermail/nylug-talk/2005-March/025938.html
(179 words)
|
|
| |
| | [bogon-announce] Update to the bogon route-server project |
| | The major change in release 1.7 is the addition of three more bogon route-servers to the bogon route-server project, for a total of four. | | | These are all managed by Team Cymru, and provide additional redundancy for the project. | | | :) We're pleased to announce the release of version 1.7 of the Bogon Route-Server Project. |
|
http://puck.nether.net/pipermail/bogon-announce/2003-May/000008.html
(187 words)
|
|
| |
| | PC World Forums - News: Bogon filtering blocks some sites in NZ - JetStream users |
| | View Full Version : News: Bogon filtering blocks some sites in NZ - JetStream users | | | A bogon IP address is one that has not yet been assigned - many ISPs filter out all incoming traffic from bogon addresses because they are perceived to have no legitimate purpose. | | | PC World Forums > PressF1 > News: Bogon filtering blocks some sites in NZ - JetStream users |
|
http://www.pressf1.co.nz/archive/index.php/t-44502.html
(1027 words)
|
|
| |
| | Bogon filtering blocks some sites in NZ |
| | Bogon filtering blocks some sites in NZ Email this Story |
|
http://www.idg.co.nz/news.nsf/PostMail?OpenForm&parentunid=9714DEA906A63445CC256E7C00124349
(10 words)
|
|
| |
| | discuss@charon: 78570-78590 in North American Network Operators' Group |
| | Re: Obsolete bogon filtering [78585] cidr-report@potaroo.net The Cidr Report [78586] Todd Vierling Re: US Navy Contact. | | | [78589] Dave Hilton A polite request for opinions about equipment [78590] Jon Lewis Re: Obsolete bogon filtering |
|
http://diswww.mit.edu/charon/nanog?-78590
(55 words)
|
|
|
