From owner-freebsd-security Thu Nov 30 11:12:42 2000 Delivered-To: freebsd-security@freebsd.org Received: from giganda.komkon.org (giganda.komkon.org [209.125.17.66]) by hub.freebsd.org (Postfix) with ESMTP id E677737B698 for ; Thu, 30 Nov 2000 11:12:39 -0800 (PST) Received: (from str@localhost) by giganda.komkon.org (8.9.3/8.9.3) id OAA29596; Thu, 30 Nov 2000 14:12:39 -0500 (EST) (envelope-from str) Date: Thu, 30 Nov 2000 14:12:39 -0500 (EST) From: Igor Roshchin Message-Id: <200011301912.OAA29596@giganda.komkon.org> To: freebsd@gndrsh.dnsmgr.net, str@giganda.komkon.org Subject: Re: Danger Ports Cc: freebsd-security@FreeBSD.ORG In-Reply-To: <200011301820.KAA45049@gndrsh.dnsmgr.net> Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > From: "Rodney W. Grimes" > Date: Thu, 30 Nov 2000 10:20:57 -0800 (PST) > <..> > > > > I am not sure if filtering some reserved networks would not stop legible > > traffic for some people. E.g. Home.net (@Home, @Work) > > is using 10.0.0.0 to number their aggregation routers. Thus its > > users will probably suffer if they block this network at the firewall. > > No they won't suffer, reserved networks are reserved, blocking them > at AS boundaries is a BCP, both source and desitnation address. It > does do some funny things to traceroute, but it doesn't effect normal > operations: Yes, you are right. Thanks for correcting me. The will be no problem for general traffic. The only problem would be if one wants to find out which of the ISP's routers is causing the connectivity problem at the particular moment (as I had to do this many times to prove @Work's customer service that _they_ have problems). Thanks, Igor Igor To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message