[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Experiences with Spamhaus BGP DROP, EDROP and BGPCC BGP feeds

Subject: Experiences with Spamhaus BGP DROP, EDROP and BGPCC BGP feeds
From: Curtis at GreenKey.net (Curtis Doty)
Date: Thu, 16 Jan 2014 13:06:14 -0800
In-reply-to: <[email protected]>
References: <[email protected]> <[email protected]>

On Thu, Jan 16, 2014 at 11:04 AM, John Levine <johnl at iecc.com> wrote:

> If you're a tiny little network, you can
> use the public DNS servers for the BL lookups, and you can
> FTP the text version of DROP and turn in into firewall
> rules or whatever.  That's what I do (hack perl scripts
> available on request.)
>

Here's working Bash script to sync the freely available DROP/EDROP lists
into a quagga/linux route server. https://gist.github.com/dotysan/8463112

I ran that awhile back without issue. But not anymore. Last year I added
the $250/yr BOTNETCC list which is BGP-only. And it was too convenient to
move the DROP/EDROP lists into BGP for an additional $250.

It works as advertized. The BOTNETCC list is only v4/32s and more dynamic
than the other lists. It's up to you to set it up correctly so an accident
doesn't blackhole your own prefixes...or favorite offshore gambling site.
:-p

../C

References:
- Experiences with Spamhaus BGP DROP, EDROP and BGPCC BGP feeds
  - From: eric-list at truenet.com (Eric Tykwinski)
- Experiences with Spamhaus BGP DROP, EDROP and BGPCC BGP feeds
  - From: johnl at iecc.com (John Levine)

Prev by Date: "trivial" changes to DNS (was: OpenNTPProject.org)
Next by Date: Internet Routing Registries - RADb, etc
Previous by thread: Experiences with Spamhaus BGP DROP, EDROP and BGPCC BGP feeds
Next by thread: Qwest Contact?
Index(es):
- Date
- Thread