Date: Fri, 1 Dec 2000 13:04:40 -0500 From: Bird Mr Gregory L <BirdGL@NOC.USMC.MIL> To: "'freebsd-isp@FreeBSD.ORG'" <freebsd-isp@FreeBSD.ORG> Subject: RE: Danger Ports Message-ID: <1988A7BBBD55D3119B4A00902771C45404A01366@host014.noc.usmc.mil>
next in thread | raw e-mail | index | archive | help
This message is in MIME format. Since your mail reader does not understand this format, some or all of this message may not be legible. ------_=_NextPart_001_01C05BC1.2CB74D40 Content-Type: text/plain; charset="iso-8859-1" my bad - long day: 172.16.0.0 0.15.255.255 = 172.16.0.0:255.252.0.0 = 172.16.0.0 - 172.31.255.255 should have read 172.16.0.0 0.15.255.255 = 172.16.0.0:255.240.0.0 = 172.16.0.0 - 172.31.255.255 Greg Bird > Network Security Engineer > USMC MITNOC > Phone: 703-784-5300, DSN 278-5300 > Fax: 703-784-3477, DSN 278-3477 birdgl@noc.usmc.mil CCNA, Network+ -----Original Message----- From: Bird Mr Gregory L Sent: Friday, December 01, 2000 1:02 PM To: 'freebsd-isp@FreeBSD.ORG' Subject: RE: Danger Ports Yes there is overlap...I am not quite sure where you learned how to subnet...but the rest of the world does it: access-list lines: access-list 110 deny ip 172.16.0.0 0.15.255.255 any log access-list 110 deny ip 172.31.0.0 0.0.255.255 any log 172.16.0.0 0.15.255.255 = 172.16.0.0:255.252.0.0 = 172.16.0.0 - 172.31.255.255 so there is overlap. You might want to refresh yourself a little on your subnetting...or fully caffeinate yourself. Greg Bird Senior Network Security Engineer -----Original Message----- From: William Sommers [mailto:sommers@sfo.com] Sent: Friday, December 01, 2000 11:06 AM To: freebsd-isp@FreeBSD.ORG Subject: Re: Danger Ports At 12:28 AM 12/1/00 -0600, Butch Evans wrote: >> > > access-list 110 deny ip 172.16.0.0 0.15.255.255 any log >> > > access-list 110 deny ip 172.31.0.0 0.0.255.255 any log >> >> > access-list 110 deny ip any 172.16.0.0 0.15.255.255 log >> > access-list 110 deny ip any 172.31.0.0 0.0.255.255 log >> >> Is it me? Isn't the second network in each a subset of the first? >> > Now that I re-read your question, I see what you are saying...You are > correct. Um, unless I'm not yet fully caffeinated: 172.16.0.0 0.15.255.255 matches 176.16.0.0 - 176.30.255.255 172.31.0.0 0.0.255.255 matches 176.31.0.0 - 176.31.255.255 No overlap at all. -wfs To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message ------_=_NextPart_001_01C05BC1.2CB74D40 Content-Type: text/html; charset="iso-8859-1" <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> <HTML> <HEAD> <META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1"> <META NAME="Generator" CONTENT="MS Exchange Server version 5.5.2652.99"> <TITLE>RE: Danger Ports</TITLE> </HEAD> <BODY> <P><FONT SIZE=2>my bad - long day:</FONT> </P> <P><FONT SIZE=2>172.16.0.0 0.15.255.255 = 172.16.0.0:255.252.0.0 = 172.16.0.0 - 172.31.255.255 </FONT> <BR><FONT SIZE=2>should have read</FONT> <BR><FONT SIZE=2>172.16.0.0 0.15.255.255 = 172.16.0.0:255.240.0.0 = 172.16.0.0 - 172.31.255.255</FONT> </P> <P><FONT SIZE=2>Greg Bird</FONT> <BR><FONT SIZE=2>> Network Security Engineer</FONT> <BR><FONT SIZE=2>> USMC MITNOC</FONT> <BR><FONT SIZE=2>> Phone: 703-784-5300, DSN 278-5300</FONT> <BR><FONT SIZE=2>> Fax: 703-784-3477, DSN 278-3477</FONT> <BR><FONT SIZE=2>birdgl@noc.usmc.mil</FONT> <BR><FONT SIZE=2>CCNA, Network+</FONT> </P> <BR> <P><FONT SIZE=2>-----Original Message-----</FONT> <BR><FONT SIZE=2>From: Bird Mr Gregory L </FONT> <BR><FONT SIZE=2>Sent: Friday, December 01, 2000 1:02 PM</FONT> <BR><FONT SIZE=2>To: 'freebsd-isp@FreeBSD.ORG'</FONT> <BR><FONT SIZE=2>Subject: RE: Danger Ports</FONT> </P> <BR> <P><FONT SIZE=2>Yes there is overlap...I am not quite sure where you learned how to subnet...but the rest of the world does it:</FONT> </P> <BR> <P><FONT SIZE=2>access-list lines:</FONT> <BR><FONT SIZE=2>access-list 110 deny ip 172.16.0.0 0.15.255.255 any log</FONT> <BR><FONT SIZE=2>access-list 110 deny ip 172.31.0.0 0.0.255.255 any log</FONT> </P> <BR> <P><FONT SIZE=2>172.16.0.0 0.15.255.255 = 172.16.0.0:255.252.0.0 = 172.16.0.0 - 172.31.255.255</FONT> </P> <P><FONT SIZE=2>so there is overlap. You might want to refresh yourself a little on your subnetting...or fully caffeinate yourself.</FONT> </P> <BR> <P><FONT SIZE=2>Greg Bird</FONT> <BR><FONT SIZE=2>Senior Network Security Engineer</FONT> </P> <BR> <BR> <P><FONT SIZE=2>-----Original Message-----</FONT> <BR><FONT SIZE=2>From: William Sommers [<A HREF="mailto:sommers@sfo.com">mailto:sommers@sfo.com</A>]</FONT> <BR><FONT SIZE=2>Sent: Friday, December 01, 2000 11:06 AM</FONT> <BR><FONT SIZE=2>To: freebsd-isp@FreeBSD.ORG</FONT> <BR><FONT SIZE=2>Subject: Re: Danger Ports</FONT> </P> <BR> <P><FONT SIZE=2>At 12:28 AM 12/1/00 -0600, Butch Evans wrote:</FONT> </P> <P><FONT SIZE=2> >> > > access-list 110 deny ip 172.16.0.0 0.15.255.255 any log</FONT> <BR><FONT SIZE=2> >> > > access-list 110 deny ip 172.31.0.0 0.0.255.255 any log</FONT> <BR><FONT SIZE=2> >></FONT> <BR><FONT SIZE=2> >> > access-list 110 deny ip any 172.16.0.0 0.15.255.255 log</FONT> <BR><FONT SIZE=2> >> > access-list 110 deny ip any 172.31.0.0 0.0.255.255 log</FONT> <BR><FONT SIZE=2> >></FONT> <BR><FONT SIZE=2> >> Is it me? Isn't the second network in each a subset of the first?</FONT> <BR><FONT SIZE=2> >></FONT> <BR><FONT SIZE=2> > Now that I re-read your question, I see what you are saying...You are</FONT> <BR><FONT SIZE=2> > correct.</FONT> </P> <P><FONT SIZE=2>Um, unless I'm not yet fully caffeinated:</FONT> </P> <P><FONT SIZE=2>172.16.0.0 0.15.255.255 matches 176.16.0.0 - 176.30.255.255</FONT> <BR><FONT SIZE=2>172.31.0.0 0.0.255.255 matches 176.31.0.0 - 176.31.255.255</FONT> </P> <P><FONT SIZE=2>No overlap at all.</FONT> </P> <BR> <P><FONT SIZE=2> -wfs</FONT> </P> <BR> <BR> <P><FONT SIZE=2>To Unsubscribe: send mail to majordomo@FreeBSD.org</FONT> <BR><FONT SIZE=2>with "unsubscribe freebsd-isp" in the body of the message</FONT> </P> </BODY> </HTML> ------_=_NextPart_001_01C05BC1.2CB74D40-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1988A7BBBD55D3119B4A00902771C45404A01366>