Please Check Filters - BOGON Filtering IP Space 72.14.128.0/19

• Previous message (by thread): Please Check Filters - BOGON Filtering IP Space 72.14.128.0/19
• Next message (by thread): NANOG Changes
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, 17 Feb 2005, Hank Nussbacher wrote:
> >Martian addresses are relatively static, and might be good candidates for
> >one-click security.  If you see a 127.0.0.0/8 packet floating around, its
> >probably up to no good.
>
> As are RFC1918 addresses.

Cisco routers are frequently used in enterprise networks, which may use
RFC1918 internally.  Again, not a good thing to auto-magically do for
naive network managers.  RFC1918 addresses may or may not be legitimate
depending on your network, just like "no ip classless" and the NSA
security guide.

I would not classify RFC1918 as "Martian" addresses.

Of course, if all network equipment did source address validation by
default, you wouldn't need bogon filters.

• Previous message (by thread): Please Check Filters - BOGON Filtering IP Space 72.14.128.0/19
• Next message (by thread): NANOG Changes
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]