Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Filtering bogons and other undesirables
Topic Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Plusnet Community
- :
- Forum
- :
- Help with my Plusnet services
- :
- Broadband
- :
- Filtering bogons and other undesirables
Filtering bogons and other undesirables
15-08-2013 3:43 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
I use the netfilter ipset module and iptables to drop any incoming traffic from addresses covered by several blocklists. Since moving to Plus.net, I'm not seeing hits against the 'fullbogons' list from Team Cymru or the Spamhaus list. Are you filtering all bogons, including allocated but unassigned ranges, and/or the Spamhaus list at your end? I can stop wasting CPU cycles, if so Now that my phone line has been fixed, I'll be running mail and web servers again, hence the filtering on my end...
Message 1 of 5
(1,051 Views)
4 REPLIES 4
Re: Filtering bogons and other undesirables
15-08-2013 4:00 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
We have Cloudmark mail filtering appliances in front of our inbound mail platform but I'm assuming that's not what you're referring to? I'm assuming it's direct SMTP mail to your IP that you're talking about. There will be protection across the broadband network but I can't tell you for sure whether we're relying on the two lists you're asking about. I can try and find out for you if you like (and assuming I've understood your question correctly)?
Bob Pullen
Plusnet Product Team
If I've been helpful then please give thanks ⤵
Message 2 of 5
(575 Views)
Re: Filtering bogons and other undesirables
15-08-2013 5:54 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Yeah, I'm referring to filtering in front of the broadband network. I would've expected packets with bogon source addresses to be hitting my firewall occasionally, if they weren't being blocked upstream. It's no big deal, more a case of protecting my low power server from aggressive bots, without running an IDS...
Message 3 of 5
(575 Views)
Re: Filtering bogons and other undesirables
15-08-2013 8:58 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
I've misread "would've" as wouldn't have, yesterday was a long one. Yes in answer to the question then, we do block bogons on the edge of the network, I think its about 13 prefixes at the moment.
Plusnet Staff - Lead Network Design/Delivery Engineer
Message 4 of 5
(575 Views)
Re: Filtering bogons and other undesirables
16-08-2013 11:40 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Thanks I would've been a bit worried if you weren't filtering the basic reserved address spaces at the edge... The 'full bogons' list includes allocated but unassigned blocks and covers 4902 prefixes at last count. Given the lack of hits, I suspect that having iptables intercept all unsolicited traffic, on any port, from any netblock within the fullbogons list was a tad zealous on my part!
Message 5 of 5
(575 Views)
Topic Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Plusnet Community
- :
- Forum
- :
- Help with my Plusnet services
- :
- Broadband
- :
- Filtering bogons and other undesirables