From owner-freebsd-security Mon Jul 24 15:33:46 2000 Delivered-To: freebsd-security@freebsd.org Received: from relay1.inwind.it (relay1.inwind.it [212.141.53.67]) by hub.freebsd.org (Postfix) with ESMTP id B92EB37BD7B for ; Mon, 24 Jul 2000 15:33:41 -0700 (PDT) (envelope-from bartequi@inwind.it) Received: from bartequi.ottodomain.org (212.141.79.199) by relay1.inwind.it; 25 Jul 2000 00:33:40 +0200 From: Salvo Bartolotta Date: Mon, 24 Jul 2000 23:34:56 GMT Message-ID: <20000724.23345600@bartequi.ottodomain.org> Subject: Re: Problems with natd and simple firewall To: Richard Martin Cc: freebsd-security@FreeBSD.ORG In-Reply-To: <397CCEAC.ECC9CCA6@origen.com> References: <397CCEAC.ECC9CCA6@origen.com> X-Mailer: SuperCalifragilis X-Priority: 3 (Normal) MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org >>>>>>>>>>>>>>>>>> Original Message <<<<<<<<<<<<<<<<<< On 7/25/00, 12:18:04 AM, Richard Martin wrote=20 regarding Re: Problems with natd and simple firewall: > On the other hand, I do see packets hitting the other inbound RFC 1918= =20 filters > from time to time. Someone should have a talk with those routers... = A low > level concern, but still a concern I have regularly (maybe I should say "systematically") been=20 logging RFC-1918-spoofed packets coming through my ISP in the past few=20 months. I have also been using a closed (stateful) packet filter.=20 Needless to say, I phoned my ISP "technicians", I also sent mail, but=20 I still regularly see those packets almost every day. What's more,=20 this is, er, a big national (!) ISP in my country. The (IPv4) 'Net may be insecure by ... definition, but this kind of=20 thoughtlessness seems to me even worse. =20 Best regards, Salvo To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message