do bogon filters still help?

["Steven M. Bellovin" <smb () cs columbia edu>]

Every time IANA allocates new prefixes, we're treated to complaints about 
sites that are not reachable because they're in the new space and some 
places haven't updated their bogon filters.  My question is this:  have we 
reached a point where the bogon filters are causing more pain than they're 
worth? 

The Team Cymru web page (http://www.cymru.com/Bogons/index.html) gives
some justification, but I think the question should be revisited.  First, 
as the page (and the associated presentation) note, most of the 
benefit comes from filtering obvious stuff -- 0/8, 127/8, and 
"class" D and E source addresses.  Second, the study is about 5 
years old, maybe more; attack patterns have changed since then.  
Third, considerably more address space has been allocated; this 
means that the percentage of address space that can be considered bogus is 
significantly smaller.  Possibly, there are more sites doing edge 
filtering, but I'd hate to count on that.  

So -- I'd like people to re-examine the question.  Does anyone have more 
recent data on the frequency of bogons as a percentage of attack 
packets?  What would that number look like if you filtered just the 
obvious -- the ranges given above, plus the RFC 1918 prefixes?  Are 
your defenses against non-spoofed attacks really helped by the extra 
filtering?

                --Steven M. Bellovin, http://www.cs.columbia.edu/~smb