[13976] in North American Network Operators' Group


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: Land and Cisco question

daemon@ATHENA.MIT.EDU (Alan Barrett)
Sun Nov 23 05:05:36 1997

Date: Sun, 23 Nov 1997 11:54:06 +0200 (GMT+0200)
From: Alan Barrett <apb@iafrica.com>
To: nanog@merit.edu
In-Reply-To: <m0xZLdV-0007zWC@rip.psg.com>

Randy Bush said:
> for each interface on a router
>   block tcp which is both to and from that interface

I don't think that's sufficient.  What about spoofed packets arriving via
interface A, with IP source and destination both set to the address of
interface B? 

--apb (Alan Barrett)


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[13976] in North American Network Operators' Group

Re: Land and Cisco question

daemon@ATHENA.MIT.EDU (Alan Barrett)Sun Nov 23 05:05:36 1997

daemon@ATHENA.MIT.EDU (Alan Barrett)
Sun Nov 23 05:05:36 1997