nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: RFC1918 addresses to permit in for VPN?

From: "Stephen Sprunk" <ssprunk () cisco com>
Date: Mon, 1 Jan 2001 05:18:47 -0600

Thus spake <mdevney () teamsphere com>

Using RFC1918 space also gets you an IP range where the outside
world has no route to it -- Sorry, but no packets are not getting

there,

ergo no way to hack.

...

At that point, just by use of simple routing, you've effectively
eliminated 100% of attacks from the outside, and you only have to
worry about inside.  The front door is secure, now work on the back
door.


Being convinced you're secure is the surest way to get yourself hacked.
Perfect security is impossible.

Remember, it's not paranoia when they *are* out to get you.

S

     |          |         Stephen Sprunk, K5SSS, CCIE #3723
    :|:        :|:        Network Design Consultant, GSOLE
   :|||:      :|||:       New office: RCDN2 in Richardson, TX
.:|||||||:..:|||||||:.    Email: ssprunk () cisco com
Previous By Date Next
Previous By Thread Next

Current thread: