Bogon Lists Mirror Outdated
-
Hi Guys,
I think the server that updates the fullbogons list has stopped. The last update was May 12.
http://files.pfsense.org/mirrors/fullbogons-ipv4.txt
http://files.pfsense.org/mirrors/fullbogons-ipv6.txt
For now, I changed the script to use the Cymru fullbogons list.
http://www.team-cymru.org/Services/Bogons/fullbogons-ipv4.txt
http://www.team-cymru.org/Services/Bogons/fullbogons-ipv6.txt
-
How often do you think this needs to be updated? Do you even have 1 hit on it? While bogons are a good idea, in reality it's kind of pointless..
-
Given IPv4 exhaustion, it is common to see assignments of previously unused ranges for new services.
I had problems on two occasions. One was that my server provider assigned me IPs previously owned by a different country that were on the Spamhaus PBL list (causing email failure). The other was that intercommunication between two servers was being blocked by a router with an outdated Spamhaus DROP list.
TL;DR: It is always a good idea to have Bogon IP lists updated.
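
Added example, not part of the original thread or of pfSense: a Python sketch that compares an old mirror copy of a bogon list with the current upstream copy and reports the address space the old copy still blocks even though upstream has released it. The two sample lists are constructed from documentation ranges, and all function names are hypothetical.

```python
import ipaddress

# Constructed samples, one prefix per line; documentation ranges stand in for real ones.
STALE_MIRROR = """\
# constructed sample: old mirror copy
10.0.0.0/8
198.51.100.0/24
203.0.113.0/24
"""
FRESH_UPSTREAM = """\
# constructed sample: current upstream copy
10.0.0.0/8
198.51.100.0/25
"""

def parse_bogons(text):
    """Return the networks in a list, skipping blank and '#' comment lines."""
    nets = []
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#"):
            nets.append(ipaddress.ip_network(line, strict=False))
    return nets

def subtract(net, holes):
    """Return the parts of `net` not covered by any network in `holes`."""
    remaining = [net]
    for hole in holes:
        kept = []
        for r in remaining:
            if r.version != hole.version or not r.overlaps(hole):
                kept.append(r)                        # untouched by this hole
            elif not r.subnet_of(hole):
                kept.extend(r.address_exclude(hole))  # hole lies inside r
            # else: r is fully covered by hole, so it is dropped
        remaining = kept
    return remaining

def stale_only(stale_text, fresh_text):
    """Prefixes the old list still blocks but the current list has released."""
    fresh = parse_bogons(fresh_text)
    left = [p for n in parse_bogons(stale_text) for p in subtract(n, fresh)]
    out = []
    for version in (4, 6):  # collapse_addresses rejects mixed IP versions
        out += ipaddress.collapse_addresses(n for n in left if n.version == version)
    return out

def wrongly_blocked(ip, stale_text, fresh_text):
    """True if `ip` is dropped by the old list only."""
    addr = ipaddress.ip_address(ip)
    return any(addr.version == n.version and addr in n
               for n in stale_only(stale_text, fresh_text))
```

On the constructed samples, `stale_only(STALE_MIRROR, FRESH_UPSTREAM)` returns `198.51.100.128/25` and `203.0.113.0/24`, the ranges an outdated list would keep dropping after reassignment.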
-
He didn't say not keeping your bogons list up to date isn't useful, he said having a bogons list is mostly useless. Don't even use it.
-
^ exactly.. And WTF does Spamhaus have to do with the bogon list??
So bogons are not even supposed to route on the internet.. So what exactly are you blocking by using this list.. It's like blocking RFC 1918 on the public side.. Where would you be seeing RFC 1918 on your public side? If you did, it's clearly bogus traffic that would only be coming from your ISP.. So they are going to hit your port forwards and do some sort of what to you? Hack your webserver/email server from this IP address that doesn't even route?
A bogon list is useful, you sure wouldn't want to spread any routes for bogons, etc. But in a firewall blocking traffic.. it's a very very very small % of possible traffic you could see.. I would really be surprised if you ever saw one hit on a bogon list ever..