ingress filtering

Brian Horvitz horvitz at shore.net
Thu May 28 17:51:37 UTC 1998


I have the luxury of being able to filter for source address at my ingress
points on only two routers.  That makes it relatively easy to do.  I find
a surprising number of packets with source addresses from inside my
network or from the private IP space.

  Brian

On Thu, 28 May 1998, Mr. Dana Hudes wrote:

> Who *does* do ingress filtering? I have it on our border routers
> and customer connect ports. We have transit from MCI and UUNET.
> Neither has ingress filters -- see below message from MCI on
> this.
> The result of course is that spammers and other bad guys can try
> to attack your systems with forged source IP addresses.
> Random strange people in the 'net send "NETBIOS name service"
> (port 137) packets to my unix mail relay, which of course ignores
> them.
> Other such fun things continue to be seen in the logs.
> 
> 
> Subject: Re: RFC1918 addresses from MCI
>    Date: Thu, 28 May 1998 08:16:23 -0700
>    From: security at mci.net
>       To: dhudes at graphnet.com
>      CC: security at mci.net
> 
> Mr. Hudes,
> 
> 
> Thank you for your note.  MCI does not currently source filter address
> space at its ingress points.  Addresses sourced from non-routable or
> invalid addresses are not blocked or filtered.  Addresses destined to
> non-routable address space are not routed.
> 
> If you think it is a security issue and it is on-going then please
> contact us with the target address so we can investigate.
> 
> 
> Regards,
> 
> 
> -Julian Min
> 
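
The source-address check discussed in this thread, as an added example that is not part of the original messages: it classifies packets arriving on an external interface and drops those sourced from RFC 1918 space or from the network's own prefixes. The own prefixes (documentation ranges used as placeholders), the function names and the sample packets are assumptions constructed for illustration.

```python
import ipaddress
from collections import Counter

# RFC 1918 private space: never a legitimate source on a link to an upstream.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Assumption: the network's own prefixes (documentation ranges as placeholders).
OWN_PREFIXES = [ipaddress.ip_network(n)
                for n in ("192.0.2.0/24", "198.51.100.0/24")]


def classify_source(src, own_prefixes=OWN_PREFIXES):
    """Return the drop reason for a packet arriving from outside, or 'ok'."""
    try:
        addr = ipaddress.ip_address(src)
    except ValueError:
        return "invalid"
    if any(addr in net for net in RFC1918):
        return "rfc1918"
    # Packets sourced from our own prefixes should originate inside the
    # network, not arrive on an interface facing an upstream.
    if any(addr in net for net in own_prefixes):
        return "own-prefix"
    return "ok"


def filter_ingress(packets, own_prefixes=OWN_PREFIXES):
    """Split (src, dst, dport) records into passed packets and drop counts."""
    passed, drops = [], Counter()
    for pkt in packets:
        reason = classify_source(pkt[0], own_prefixes)
        if reason == "ok":
            passed.append(pkt)
        else:
            drops[reason] += 1
    return passed, drops


# Constructed sample of packets seen on an external interface.
SAMPLE = [
    ("10.1.2.3", "192.0.2.25", 137),        # private source
    ("192.0.2.77", "192.0.2.25", 25),       # our own prefix, from outside
    ("203.0.113.9", "192.0.2.25", 25),      # ordinary external source
    ("172.31.255.1", "198.51.100.10", 53),  # last address in 172.16.0.0/12
    ("172.32.0.1", "198.51.100.10", 53),    # just outside 172.16.0.0/12
    ("198.51.100.200", "192.0.2.25", 80),   # our own prefix, from outside
]
```

Counting drops by reason gives the same kind of visibility the message describes: how many packets arrive with inside or private source addresses.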



