[13977] in North American Network Operators' Group


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: Land and Cisco question

daemon@ATHENA.MIT.EDU (Joe Shaw)
Sun Nov 23 10:42:49 1997

Date: Sun, 23 Nov 1997 09:17:56 -0600 (CST)
From: Joe  Shaw <jshaw@insync.net>
To: Alan Barrett <apb@iafrica.com>
cc: nanog@merit.edu
In-Reply-To: <Pine.NEB.3.95.971123115214.274B-100000@apb.iafrica.com>

On Sun, 23 Nov 1997, Alan Barrett wrote:

> Randy Bush said:
> > for each interface on a router
> >   block tcp which is both to and from that interface
> 
> I don't think that's sufficient.  What about spoofed packets arriving via
> interface A, with IP source and destination both set to the address of
> interface B? 
> 
> --apb (Alan Barrett)

no ip source-route should fix it.

Joe Shaw - jshaw@insync.net
NetAdmin - Insync Internet Services
Up WAY too early on a Sunday... :)


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[13977] in North American Network Operators' Group

Re: Land and Cisco question

daemon@ATHENA.MIT.EDU (Joe Shaw)Sun Nov 23 10:42:49 1997

daemon@ATHENA.MIT.EDU (Joe Shaw)
Sun Nov 23 10:42:49 1997