From owner-freebsd-security  Thu Oct 14  2:39: 6 1999
Delivered-To: freebsd-security@freebsd.org
Received: from verdi.nethelp.no (verdi.nethelp.no [158.36.41.162])
	by hub.freebsd.org (Postfix) with SMTP id 0E67B153C2
	for <freebsd-security@FreeBSD.ORG>; Thu, 14 Oct 1999 02:38:47 -0700 (PDT)
	(envelope-from sthaug@nethelp.no)
Received: (qmail 67023 invoked by uid 1001); 14 Oct 1999 09:38:46 +0000 (GMT)
To: avalon@coombs.anu.edu.au
Cc: jkb@best.com, roberto@keltia.freenix.fr,
	freebsd-security@FreeBSD.ORG
Subject: Re: anti-spoofing
From: sthaug@nethelp.no
In-Reply-To: Your message of "Thu, 14 Oct 1999 19:24:19 +1000 (EST)"
References: <199910140924.TAA27074@cheops.anu.edu.au>
X-Mailer: Mew version 1.05+ on Emacs 19.34.2
Mime-Version: 1.0
Content-Type: Text/Plain; charset=us-ascii
Date: Thu, 14 Oct 1999 11:38:46 +0200
Message-ID: <67021.939893926@verdi.nethelp.no>
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

> >  deny   ip 224.0.0.0 0.15.255.255 any log
> 
> That's a bad range to block - well, maybe not if you have no intention of using multicast.

No, it's a good range to block. Always. Because you never want to have
multicast addresses as *source* address.

Steinar Haug, Nethelp consulting, sthaug@nethelp.no


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message