[linux-elitists] CIDR House-Rules: more on spam-by-ASN strategies

Karsten M. Self kmself@ix.netcom.com
Thu Mar 2 22:39:46 PST 2006


So, a number of events have transpired recently culminating in my
attending this week's MAAWG (Messaging Anti-Abuse Working Group) meeting
in San Francisco.  Short ride and low fees helped.

I've been talking to a number of folks in that community about some
ideas I've previously discussed here, got around to presenting some of
them in the form of a paper, presented to fairly positive interest at
the meeting.  The basic concept is to use publicly available BGP router
data to identify ASNs and CIDRs from IPs through a DNS query.

The paper, "CIDR House-Rules:  Use of BGP router data to identify and
address sources of Internet abuse", is available at:

    http://linuxmafia.com/~karsten/cidr-house-rules.pdf
    http://linuxmafia.com/~karsten/cidr-house-rules.ps


Current plan is to extend that in some follow-up papers.  Among other
things, it looks as if the sort of data gathering + enforcement split I
discuss would be pretty doable with stock Cisco gear via QoS or similar
rulesets.

... oh, and, ObLyxRocks.  Very largely painless authoring here,
significantly less than several of the alternatives.  Several
alternatives failed to meet or exceed expectations (or needs).


Peace.

-- 
Karsten M. Self <kmself@ix.netcom.com>        http://kmself.home.netcom.com/
 What Part of "Gestalt" don't you understand?
    Don't do this. REALLY. / I mean it. Got this off an / internal newsgroup.
    - Haiku newsgroup