I tend to agree here.
I have noticed so many attacks etc coming from
APNIC as of recent that on our corp network we have an ACL
to block a number of APNIC blocks.
If there was a dynamic method to add null0 routes to
identified zombies, I think that would help.
IE. security company A provides a feed (BGP etc)
to null route zombies that it has identified.
But that opens a whole other can of worms.....
J
## On 2003-07-31 09:27 -0400 McBurnett, Jim typed:
I tend to agree here.
I have noticed so many attacks etc coming from
APNIC as of recent that on our corp network we have an ACL
to block a number of APNIC blocks.
If there was a dynamic method to add null0 routes to
identified zombies, I think that would help.
IE. security company A provides a feed (BGP etc)
to null route zombies that it has identified.
You may want to ask Rob Thomas about that
(especially since he was involved in this thread)