nanog mailing list archives
Re: Land and Cisco question
From: Joe Shaw <jshaw () insync net>
Date: Mon, 24 Nov 1997 02:17:12 -0600 (CST)
On Sun, 23 Nov 1997, Owen DeLong wrote:
Randy Bush said:for each interface on a router block tcp which is both to and from that interfaceI don't think that's sufficient. What about spoofed packets arriving via interface A, with IP source and destination both set to the address of interface B? --apb (Alan Barrett)If you do it with an access-list in then it doesn't matter. Even a spoofed packet will be blocked prior to arriving where it can do harm. Owen
Like the cat in the hat, but I think I follow. I'll come back to this when I'm well and hopefully I'll actually get what you're saying. This flu is killer. Wait... Ok. So I could still kill external links, regardless of source routing. I was only thinking of internal links. If I'm still wrong, somebody let me know. Joe Shaw - jshaw () insync net NetAdmin - Insync Internet Services.
Current thread:
- why not peer with LS disabling networks ?, (continued)
- why not peer with LS disabling networks ? Lyndon Levesley (Nov 23)
- Re: why not peer with LS disabling networks ? John Hawkinson (Nov 23)
- Re: why not peer with LS disabling networks ? Randy Bush (Nov 23)
- Re: why not peer with LS disabling networks ? Paul Ferguson (Nov 24)
- Re: why not peer with LS disabling networks ? Network Operations Center (Nov 24)
- Re: why not peer with LS disabling networks ? John Hawkinson (Nov 24)
- Re: why not peer with LS disabling networks ? Neil J. McRae (Nov 25)
- Re: Land and Cisco question Dean Anderson (Nov 24)
- Re: Land and Cisco question Greg A. Woods (Nov 24)
- Re: Land and Cisco question Joe Shaw (Nov 24)