Mailinglist Archive: opensuse-security (605 mails)
| < Previous | Next > |
RE: [suse-security] how to detect spoofing hosts
- From: Boris Lorenz <bolo@xxxxxxx>
- Date: Wed, 31 Oct 2001 09:27:28 +0100 (CET)
- Message-id: <XFMail.011031092728.bolo@xxxxxxx>
Yup,
On 30-Oct-01 Andreas Achtzehn wrote:
>> From: Kurt Seifried [mailto:listuser@xxxxxxxxxxxx]
>>
>> Reserved class A's you should NEVER see traffic from (at
>> least until they start getting desperate for IP's):
>>
>> 0.0.0.0/255.0.0.0
>> 1.0.0.0/255.0.0.0
>> [...]
>
> Where do you derive that information from? Right now some of the
> networks
> still belong to IANA (--> unused), but how can a system administrator be
>
> sure that the network won't be opened within the next few days? In worst
> case
> I'd deny access to my network for 254^3 IPs.
updates concerning reserved IANA netblocks can be found on
http://www.iana.org/assignments/ipv4-address-space . Take a look at it every
month or so...
All the address blocks marked as "IANA - Reserved" should be blocked on the FW;
no legitimate traffic should come from there.
> Regards, Andreas
Boris Lorenz <bolo@xxxxxxx>
---
On 30-Oct-01 Andreas Achtzehn wrote:
>> From: Kurt Seifried [mailto:listuser@xxxxxxxxxxxx]
>>
>> Reserved class A's you should NEVER see traffic from (at
>> least until they start getting desperate for IP's):
>>
>> 0.0.0.0/255.0.0.0
>> 1.0.0.0/255.0.0.0
>> [...]
>
> Where do you derive that information from? Right now some of the
> networks
> still belong to IANA (--> unused), but how can a system administrator be
>
> sure that the network won't be opened within the next few days? In worst
> case
> I'd deny access to my network for 254^3 IPs.
updates concerning reserved IANA netblocks can be found on
http://www.iana.org/assignments/ipv4-address-space . Take a look at it every
month or so...
All the address blocks marked as "IANA - Reserved" should be blocked on the FW;
no legitimate traffic should come from there.
> Regards, Andreas
Boris Lorenz <bolo@xxxxxxx>
---
| < Previous | Next > |