Date: Sun, 03 Oct 1999 16:05:02 -0400 (EDT) From: Will Andrews <andrews@TECHNOLOGIST.COM> To: Dmitriy Bokiy <ratebor@cityline.ru> Cc: FreeBSD Security ML <freebsd-security@FreeBSD.ORG> Subject: RE: anti-spoofing Message-ID: <XFMail.991003160502.andrews@TECHNOLOGIST.COM> In-Reply-To: <10882.991003@cityline.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
On 03-Oct-99 Dmitriy Bokiy wrote: > I know it was discussed earlier but I failed to find it in archives. > Besides IANA site is not very clear about it. > > Where can I find _the complete_ list of addresses to be blocked? > Should I follow > http://www.isi.edu/in-notes/iana/assignments/ipv4-address-space > and block all "IANA - Reserved" and "IANA - Multicast" and what else? At a minimum, the RFC1918 (unregistered source addresses RFC) IP addresses should be blocked from passing through your outside interface: 192.168.0.1:255.255.0.0 (192.168.0.1 -> 192.168.255.255) 172.16.0.1:255.16.0.0 (172.16.0.1 -> 172.31.255.255) 10.0.0.1:255.0.0.0 (10.0.0.1 -> 10.255.255.255) See the RFC for more information. You could also consider consulting the mailing list archives for freebsd-security@FreeBSD.ORG. -- Will Andrews <andrews@technologist.com> GCS/E/S @d- s+:+>+:- a--->+++ C++ UB++++ P+ L- E--- W+++ !N !o ?K w--- ?O M+ V-- PS+ PE++ Y+ PGP+>+++ t++ 5 X++ R+ tv+ b++>++++ DI+++ D+ G++>+++ e->++++ h! r-->+++ y? To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?XFMail.991003160502.andrews>