nanog mailing list archives
RE: Please Check Filters - BOGON Filtering IP Space 72.14.128.0/19
From: Sean Donelan <sean () donelan com>
Date: Thu, 17 Feb 2005 03:17:57 -0500 (EST)
On Thu, 17 Feb 2005, Hank Nussbacher wrote:
Martian addresses are relatively static, and might be good candidates for one-click security. If you see a 127.0.0.0/8 packet floating around, its probably up to no good.As are RFC1918 addresses.
Cisco routers are frequently used in enterprise networks, which may use RFC1918 internally. Again, not a good thing to auto-magically do for naive network managers. RFC1918 addresses may or may not be legitimate depending on your network, just like "no ip classless" and the NSA security guide. I would not classify RFC1918 as "Martian" addresses. Of course, if all network equipment did source address validation by default, you wouldn't need bogon filters.
Current thread:
- RE: Please Check Filters - BOGON Filtering IP Space 72.14.128.0/19 Kunjal Trivedi (Feb 16)
- RE: Please Check Filters - BOGON Filtering IP Space 72.14.128.0/19 Sean Donelan (Feb 16)
- RE: Please Check Filters - BOGON Filtering IP Space 72.14.128.0/19 Hank Nussbacher (Feb 17)
- RE: Please Check Filters - BOGON Filtering IP Space 72.14.128.0/19 Sean Donelan (Feb 17)
- RE: Please Check Filters - BOGON Filtering IP Space 72.14.128.0/19 Hank Nussbacher (Feb 17)
- RE: Please Check Filters - BOGON Filtering IP Space 72.14.128.0/19 Sean Donelan (Feb 16)