address spoofing

• Previous message (by thread): address spoofing
• Next message (by thread): address spoofing
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

everybody seems to be focussed on the 1918 space packets and the
explanations seem half reasonable.  as Daniel Senie <dts at senie.com> said,
the rules of the road say i should not be seeing packets from 1918 space.
i.e. at best these come from broken places.

but the uglier symptoms are packets from my own address space

    deny ip 147.28.0.0 0.0.255.255 any (6 matches)

the loopback network

    deny ip 127.0.0.0 0.255.255.255 any (375 matches)

and attempts on 111 and 2049

    deny udp any any eq sunrpc (9 matches)
    deny tcp any any eq 2049 (494 matches)

randy

• Previous message (by thread): address spoofing
• Next message (by thread): address spoofing
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]