9 Jul
2003
9 Jul
'03
9:34 a.m.
On Thu, 10 Jul 2003, Michael Newbery wrote:
How effective is it in practice? Any statistics? It occurs to me that if you could spoof the BGP advert you would have a remarkably effective DoS :-)
MD5 auth is good, restricting the number of blackhole adverts that can be sent (if you're doing it to a centralised blackhole router) is another good limiter. Also, only allowing people to blackhole /24 -> /32 netblocks, rather than allowing them to cut off their entire network (because you just know that someone will) is probably beneficial. --David