nanog mailing list archives
Re: Firewalls in service provider environments
From: Suresh Ramasubramanian <ops.lists () gmail com>
Date: Wed, 8 Feb 2012 07:17:41 +0530
On Wed, Feb 8, 2012 at 4:04 AM, George Bonser <gbonser () seven com> wrote:
I typically also include traffic to/from: TCP/UDP port 0 169.254.0.0/16 192.0.2.0/24 198.51.100.0/24 203.0.113.0/24 Been wondering if I should also block 198.18.0.0/15 as well.
suresh@frodo 17:46:08 :~$ nslookup 1.113.0.203.bogons.cymru.com Server: 127.0.0.1 Address: 127.0.0.1#53 Non-authoritative answer: Name: 1.113.0.203.bogons.cymru.com Address: 127.0.0.2 Also available as a bgp feed, for years now. Saves you updating your martian ACLs from time to time. -- Suresh Ramasubramanian (ops.lists () gmail com)
Current thread:
- Re: Firewalls in service provider environments, (continued)
- Re: Firewalls in service provider environments William Herrin (Feb 07)
- Re: Firewalls in service provider environments Matthew Reath (Feb 07)
- Re: Firewalls in service provider environments Matt Buford (Feb 07)
- Re: Firewalls in service provider environments Matthew Reath (Feb 08)
- Re: Firewalls in service provider environments Christopher Morrow (Feb 08)
- Re: Firewalls in service provider environments Matthew Reath (Feb 08)
- Re: Firewalls in service provider environments Henry Yen (Feb 08)
- Re: Firewalls in service provider environments David Walker (Feb 09)
- RE: Firewalls in service provider environments George Bonser (Feb 07)
- Re: Firewalls in service provider environments Jared Mauch (Feb 07)
- Re: Firewalls in service provider environments Suresh Ramasubramanian (Feb 07)
- Re: Firewalls in service provider environments Steve Bertrand (Feb 07)
- Re: Firewalls in service provider environments Suresh Ramasubramanian (Feb 07)