Mailinglist Archive: opensuse-security (605 mails)

< Previous Next >
RE: [suse-security] how to detect spoofing hosts
  • From: Boris Lorenz <bolo@xxxxxxx>
  • Date: Wed, 31 Oct 2001 09:27:28 +0100 (CET)
  • Message-id: <XFMail.011031092728.bolo@xxxxxxx>
Yup,

On 30-Oct-01 Andreas Achtzehn wrote:
>> From: Kurt Seifried [mailto:listuser@xxxxxxxxxxxx]
>>
>> Reserved class A's you should NEVER see traffic from (at
>> least until they start getting desperate for IP's):
>>
>> 0.0.0.0/255.0.0.0
>> 1.0.0.0/255.0.0.0
>> [...]
>
> Where do you derive that information from? Right now some of the
> networks
> still belong to IANA (--> unused), but how can a system administrator be
>
> sure that the network won't be opened within the next few days? In worst
> case
> I'd deny access to my network for 254^3 IPs.

updates concerning reserved IANA netblocks can be found on
http://www.iana.org/assignments/ipv4-address-space . Take a look at it every
month or so...

All the address blocks marked as "IANA - Reserved" should be blocked on the FW;
no legitimate traffic should come from there.

> Regards, Andreas

Boris Lorenz <bolo@xxxxxxx>
---

< Previous Next >
References