Security Basics mailing list archives

RE: Router Packet Filtering and Firewalls


From: Rich MacVarish <rmacvarish () killergeek com>
Date: Fri, 31 Jan 2003 08:07:32 -0500 (EST)

Greetings,

RFC 1918 specifies the reserved "private use" networks which should never
be seen across the public Internet.

RFC 2827 filtering specifies preventing a network's users from spoofing
other networks by preventing any outbound traffic on your network that
does not have a source address in your organization's own IP range. When
RFC 2827 filtering is implemented at the ISP, this filtering can help
prevent DDoS attack packets that use these addresses as sources from
traversing the WAN link, potentially saving bandwidth during the attack.

At the very least, is your ISP filtering the RFC 1918 addresses and RFC
2827 filtering guidelines upon installation? If they aren't, I would say
that qualifies as negligence (maybe even stupidity).

That said, you are right, they are just being lazy.

Unfortunately, having worked with many, many carriers I can say that this
is more the rule than the exception.

Rich Macvarish
Unemployed Network Security Administrator

"Insert whimsical signature file here"


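The two source-address checks described in the message above, written out as an added example that is not part of the original post: outbound traffic must carry a source inside the organization's own range (RFC 2827), and inbound traffic must not carry an RFC 1918 source. The organization prefix 203.0.113.0/24, the function names and the sample packets are assumptions constructed for illustration.

```python
import ipaddress

# RFC 1918 private-use blocks: never valid as a source on the public Internet.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
# Assumption: the organization's own public range (a documentation prefix).
ORG_PREFIXES = [ipaddress.ip_network("203.0.113.0/24")]


def in_any(addr, networks):
    return any(addr in net for net in networks)


def edge_filter(direction, src):
    """Decide the fate of a packet at the WAN edge from its source address.

    direction "out" = leaving the organization, "in" = arriving from outside.
    Returns (action, reason). IPv4 only; anything else raises ValueError.
    """
    addr = ipaddress.IPv4Address(src)
    if direction == "out":
        # RFC 2827: only sources inside our own range may leave. This also
        # stops un-NATed RFC 1918 sources from leaking onto the WAN link.
        if in_any(addr, ORG_PREFIXES):
            return ("permit", "source is in the organization's range")
        return ("drop", "source is outside the organization's range")
    if direction == "in":
        if in_any(addr, RFC1918):
            return ("drop", "source is RFC 1918 private space")
        return ("permit", "source is not private space")
    raise ValueError("direction must be 'in' or 'out'")


# Constructed sample packets: (direction, source address).
SAMPLE = [
    ("out", "203.0.113.25"),   # legitimate internal host
    ("out", "192.168.1.50"),   # private address that escaped NAT
    ("out", "198.51.100.7"),   # forged source belonging to someone else
    ("in", "10.4.4.4"),        # private source arriving from the Internet
    ("in", "172.31.255.1"),    # last /16 inside 172.16.0.0/12
    ("in", "172.32.0.1"),      # just outside 172.16.0.0/12
]


def decisions(packets):
    return [edge_filter(d, s)[0] for d, s in packets]


if __name__ == "__main__":
    for (d, s), action in zip(SAMPLE, decisions(SAMPLE)):
        print(f"{d:3} {s:15} {action}")
```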