Results 1 to 5 of 5
  1. #1
    Join Date
    Jan 2014
    Location
    San Jose , CR
    Posts
    453

    * BGP filtering using drop or similar ?

    Does anybody here currently use lists like drop.spamhaus.org to filter their BGP routing ?
    If so, any feedback ?

    Are there any other reliable lists like these worth ?

    Do you guys think it makes any sense to block these known prefixes from within BGP ?

    Any feedback is greatly appreciated.
    RACKNATION: Costa Rica DataCenter - [ Dedicated Servers | Cloud Servers | Advanced Solutions ]
    https://www.RackNation.cr
    Data Center in Costa Rica - AS52423

  2. #2
    Join Date
    Jan 2010
    Posts
    308
    We're using the BGP feeds, but our trial period is too short to say anything good or bad so far. Similar to our setup for the Team Cymru feeds, we import these feeds and set next hop to discard.

    At the very least, I don't see any harm in blocking access to the botnet C&C servers.

  3. #3
    Join Date
    Jan 2014
    Location
    San Jose , CR
    Posts
    453
    Quote Originally Posted by scurvy View Post
    We're using the BGP feeds, but our trial period is too short to say anything good or bad so far. Similar to our setup for the Team Cymru feeds, we import these feeds and set next hop to discard.

    At the very least, I don't see any harm in blocking access to the botnet C&C servers.
    you use a script to update the feed ? or "consume" it directly from the router ?
    Using cisco or juniper ?

    Thanks a lot
    RACKNATION: Costa Rica DataCenter - [ Dedicated Servers | Cloud Servers | Advanced Solutions ]
    https://www.RackNation.cr
    Data Center in Costa Rica - AS52423

  4. #4
    Join Date
    Jan 2010
    Posts
    308
    They have a service which provides you the list and updates via BGP. Our routers are peered with theirs.

  5. #5
    Join Date
    Jan 2014
    Location
    San Jose , CR
    Posts
    453
    Quote Originally Posted by scurvy View Post
    They have a service which provides you the list and updates via BGP. Our routers are peered with theirs.
    thanks a lot, looking into it now
    RACKNATION: Costa Rica DataCenter - [ Dedicated Servers | Cloud Servers | Advanced Solutions ]
    https://www.RackNation.cr
    Data Center in Costa Rica - AS52423

Similar Threads

  1. Similar script to BlockScript to block filtering companies
    By httpCORE in forum Hosting Security and Technology
    Replies: 3
    Last Post: 05-22-2013, 11:45 PM
  2. Switch, Router, or Both for Colo Rack with BGP drop?
    By acegopher in forum Colocation and Data Centers
    Replies: 15
    Last Post: 05-01-2013, 08:07 AM
  3. BGP filtering - How to avoid?
    By shaggybear in forum Colocation and Data Centers
    Replies: 6
    Last Post: 06-24-2010, 04:05 PM
  4. MAC address are similar result in similar ip address
    By zillah in forum Hosting Security and Technology
    Replies: 6
    Last Post: 04-22-2006, 11:56 AM
  5. To BGP or not to BGP? Aint that the question ;)
    By jonny b in forum Hosting Security and Technology
    Replies: 8
    Last Post: 11-23-2001, 10:45 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •