[13989] in North American Network Operators' Group
Re: Land and Cisco question
daemon@ATHENA.MIT.EDU (Joe Shaw)
Mon Nov 24 03:22:05 1997
Date: Mon, 24 Nov 1997 02:17:12 -0600 (CST)
From: Joe Shaw <jshaw@insync.net>
To: Owen DeLong <owen@DeLong.SJ.CA.US>
cc: nanog@merit.edu, apb@iafrica.com
In-Reply-To: <199711240555.VAA03243@dixon.DeLong.SJ.CA.US>
On Sun, 23 Nov 1997, Owen DeLong wrote:
>
> > Randy Bush said:
> > > for each interface on a router
> > > block tcp which is both to and from that interface
> >
> > I don't think that's sufficient. What about spoofed packets arriving via
> > interface A, with IP source and destination both set to the address of
> > interface B?
> >
> > --apb (Alan Barrett)
> >
> >
> If you do it with an access-list in then it doesn't matter. Even a spoofed packet
> will be blocked prior to arriving where it can do harm.
>
> Owen
Like the cat in the hat, but I think I follow. I'll come back to this
when I'm well and hopefully I'll actually get what you're saying. This
flu is killer.

Wait... Ok. So I could still kill external links, regardless of source
routing. I was only thinking of internal links. If I'm still wrong,
somebody let me know.

Joe Shaw - jshaw@insync.net
NetAdmin - Insync Internet Services.
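
Added example, not part of the original thread and not code from any of its participants: a small model of the inbound filter discussed above, comparing a narrow reading of the per-interface rule (each interface denies only its own address) with a broad one (every interface denies TCP where source and destination are both any one of the router's addresses). The two readings, the interface names, the addresses (documentation ranges) and ACL numbers 101 and up are assumptions made for illustration.

```python
# Added example: addresses, interface names and ACL numbers are constructed.
from ipaddress import ip_address

# Constructed router: interface name -> interface address (documentation ranges).
ROUTER = {"Serial0": "192.0.2.1", "Ethernet0": "198.51.100.1"}

def per_interface_rules(router):
    """Narrow reading: each interface only denies src == dst == its own address."""
    return {ifname: {ip_address(addr)} for ifname, addr in router.items()}

def all_address_rules(router):
    """Broad reading: every interface denies src == dst == any router address."""
    every = {ip_address(a) for a in router.values()}
    return {ifname: set(every) for ifname in router}

def permitted(rules, in_if, proto, src, dst):
    """Evaluate the inbound filter on in_if; True means the packet is passed."""
    s, d = ip_address(src), ip_address(dst)
    if proto == "tcp" and s == d and s in rules[in_if]:
        return False   # matches a "deny tcp host X host X" entry
    return True        # falls through to "permit ip any any"

def ios_config(rules, acl_base=101):
    """Render the rules as IOS extended ACLs applied inbound, one ACL per interface."""
    lines = []
    for n, (ifname, addrs) in enumerate(rules.items()):
        acl = acl_base + n
        for a in sorted(addrs):
            lines.append(f"access-list {acl} deny tcp host {a} host {a}")
        lines.append(f"access-list {acl} permit ip any any")
        lines += [f"interface {ifname}", f" ip access-group {acl} in"]
    return "\n".join(lines)

if __name__ == "__main__":
    # The case raised in the thread: arrives on Serial0, src == dst == Ethernet0's address.
    pkt = ("Serial0", "tcp", "198.51.100.1", "198.51.100.1")
    print("narrow reading passes it:", permitted(per_interface_rules(ROUTER), *pkt))
    print("broad reading passes it: ", permitted(all_address_rules(ROUTER), *pkt))
    print(ios_config(all_address_rules(ROUTER)))
```
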