nanog mailing list archives

Re: SYN spoofing

From: Deepak Jain <deepak () ai net>
Date: Wed, 28 Jul 1999 16:49:21 -0400 (EDT)



The thread I was responding to refered to filtering all routes 
(outbound) except those sourced from customers'/internal addresses.

Regards,

Deepak Jain
AiNET

On Wed, 28 Jul 1999, Mike Heller wrote:

I have an access list that I apply to all of our incoming interfaces that 
blocks the announcement of 127.0.0.1, 192.168.0.0, 10.0.0.0, and 
172.16.0.0.  It never changes. I don't see the stated impact on management.

Mike

On Wed, 28 Jul 1999, Dan Hollis wrote:


On Wed, 28 Jul 1999, Deepak Jain wrote:

While it is easy, it is not always practical because you often have 
customers who advertise thousands of prefixes.


Why would this have any impact on filtering rfc1918 and other invalid nets
like 127.0.0.0/8 and 255.255.255.255?

Or perhaps someone could explain a valid reason to route these addresses.

-Dan

Current thread:

Re: SYN spoofing, (continued)
- - - Re: SYN spoofing Forrest W. Christian (Jul 28)
    - Re: SYN spoofing Deepak Jain (Jul 28)
    - Re: SYN spoofing Dan Hollis (Jul 28)
    - Re: SYN spoofing batz (Jul 28)
    - Re: SYN spoofing Dan Hollis (Jul 28)
    - Re: SYN spoofing Jeremy Porter (Jul 28)
    - Re: SYN spoofing Dan Hollis (Jul 28)
    - Re: SYN spoofing Jeremy Porter (Jul 28)
    - Re: SYN spoofing Dan Hollis (Jul 28)
    - Re: SYN spoofing John Fraizer (Jul 30)
- Re: SYN spoofing Deepak Jain (Jul 28)