"general badness" AS-based reputation system
- Subject: "general badness" AS-based reputation system
- From: mysidia at gmail.com (Jimmy Hess)
- Date: Sun, 25 Sep 2011 18:31:42 -0500
On Sun, Sep 25, 2011 at 10:37 AM, Gadi Evron <ge at linuxbox.org> wrote:
> In my opinion, third-party security based AS-reputation systems will
> eventually become de-facto border filtering systems for ISPs, but that day
> is still not here, as that is still socially unacceptable in our circles,
> and will remain so until it becomes _necessary_.
Sorry... what makes you think the problem with use of an AS-reputation
system is social and not technical?

IP packets are not stamped with the numbers of any of the ASes they
transited to reach your network. The IP protocol simply does not expose
AS number information; therefore, for filtering purposes, you don't
actually have the information....

It's difficult to justify a complex AS-reputation system that would have
limited effectiveness, and really, is little better than other
reputation system methods (such as source address blacklisting).
--
-JH
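
Added example, not part of the original message: a sketch of what a border filter can do with an AS-reputation list when the packet carries only a source address. The routing table, the ASNs (private-use range), the prefixes (documentation ranges) and the reputation list are all constructed sample data, and the function names are hypothetical.

```python
import ipaddress

# Constructed sample: prefix -> AS path as seen from the filtering network.
# This is the path our traffic takes TOWARD the prefix; it says nothing
# certain about which ASes an inbound packet actually transited.
RIB = {
    "192.0.2.0/24":      [64500, 64510],
    "198.51.100.0/24":   [64500, 64520],
    "198.51.100.128/25": [64501, 64530],  # more-specific, different origin
    "203.0.113.0/24":    [64501, 64520],
}
BAD_ASNS = {64520}  # hypothetical output of an AS-reputation feed


def origin_as(src_ip, rib=RIB):
    """Longest-prefix match on the source address. Returns the origin AS
    (last element of the AS path), or None if no route covers the address."""
    addr = ipaddress.ip_address(src_ip)
    best = None
    for prefix, path in rib.items():
        net = ipaddress.ip_network(prefix)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, path)
    return best[1][-1] if best else None


def as_blocklist_to_prefixes(bad_asns, rib=RIB):
    """The form the reputation list takes once it reaches the filter:
    the prefixes originated by listed ASes, i.e. a source-address list."""
    return sorted(ipaddress.ip_network(p)
                  for p, path in rib.items() if path[-1] in bad_asns)


def would_drop(src_ip, bad_asns=BAD_ASNS):
    # The only per-packet input is the (unauthenticated) source address.
    return origin_as(src_ip) in bad_asns


if __name__ == "__main__":
    for ip in ("192.0.2.7", "198.51.100.10", "198.51.100.200", "10.0.0.1"):
        print(ip, origin_as(ip), would_drop(ip))
    print([str(n) for n in as_blocklist_to_prefixes(BAD_ASNS)])
```

The more-specific /25 shows why the derived prefix list has to be matched longest-prefix-first: a plain match on 198.51.100.0/24 would also drop traffic from a different origin AS.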