Security Basics mailing list archives
RE: Router Packet Filtering and Firewalls
From: Rich MacVarish <rmacvarish () killergeek com>
Date: Fri, 31 Jan 2003 08:07:32 -0500 (EST)
Greetings,

RFC 1918 specifies the reserved "private use" networks which should never be seen across the public Internet. RFC 2827 filtering specifies preventing a network's users from spoofing other networks by preventing any outbound traffic on your network that does not have a source address in your organization's own IP range. When RFC 2827 filtering is implemented at the ISP, this filtering can help prevent DDoS attack packets that use these addresses as sources from traversing the WAN link, potentially saving bandwidth during the attack.

At the very least, is your ISP filtering the RFC 1918 addresses and RFC 2827 filtering guidelines upon installation? If they aren't, I would say that qualifies as negligence (maybe even stupidity). That said, you are right, they are just being lazy. Unfortunately, having worked with many, many carriers I can say that this is more the rule than the exception.

Rich Macvarish
Unemployed Network Security Administrator
"Insert whimsical signature file here"
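The two filtering rules described in the message above, as an added example that is not part of the original post: a small Python model of a WAN-edge filter that drops RFC 1918 sources in either direction and, outbound, anything whose source is outside the site's own range, then totals the bytes that would be kept off the link. The function names, the 198.51.100.0/24 site prefix and the flow records are constructed for illustration, and the filter is assumed to sit on the public side of any NAT.

```python
import ipaddress

# RFC 1918 private-use blocks: never valid as a source on the public side.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def check_packet(direction, src, own_prefixes):
    """Decide what a WAN-edge filter should do with one packet.

    direction: "outbound" (site -> ISP) or "inbound" (ISP -> site).
    Returns (action, reason)."""
    try:
        addr = ipaddress.ip_address(src)
    except ValueError:
        return ("drop", "unparseable source address")
    if any(addr in net for net in RFC1918):
        return ("drop", "RFC 1918 source on public link")
    if direction == "outbound":
        # RFC 2827: only sources from the site's own range may leave.
        if not any(addr in net for net in own_prefixes):
            return ("drop", "RFC 2827: source not in own range")
    return ("permit", "ok")

def audit(flows, own_prefixes):
    """Total bytes per (action, reason) over (direction, src, bytes) records."""
    totals = {}
    for direction, src, nbytes in flows:
        key = check_packet(direction, src, own_prefixes)
        totals[key] = totals.get(key, 0) + nbytes
    return totals

# Constructed sample: the site owns 198.51.100.0/24 (a documentation prefix).
OWN = [ipaddress.ip_network("198.51.100.0/24")]
SAMPLE_FLOWS = [
    ("outbound", "198.51.100.17", 1200),   # legitimate host
    ("outbound", "203.0.113.9", 64000),    # spoofed source leaving the site
    ("outbound", "10.1.2.3", 500),         # private address leaked past NAT
    ("inbound", "192.168.0.5", 40000),     # private source arriving from the ISP
    ("inbound", "203.0.113.80", 900),      # ordinary Internet host
]

if __name__ == "__main__":
    for (action, reason), nbytes in sorted(audit(SAMPLE_FLOWS, OWN).items()):
        print(f"{action:6} {nbytes:>7} bytes  {reason}")
```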