[149540] in North American Network Operators' Group
Re: Firewalls in service provider environments
daemon@ATHENA.MIT.EDU (Suresh Ramasubramanian)
Tue Feb 7 20:48:36 2012
In-Reply-To: <596B74B410EE6B4CA8A30C3AF1A155EA09CBB5C5@RWC-MBX1.corp.seven.com>
Date: Wed, 8 Feb 2012 07:17:41 +0530
From: Suresh Ramasubramanian <ops.lists@gmail.com>
To: George Bonser <gbonser@seven.com>
Cc: "nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Wed, Feb 8, 2012 at 4:04 AM, George Bonser <gbonser@seven.com> wrote:
> I typically also include traffic to/from:
>
> TCP/UDP port 0
> 169.254.0.0/16
> 192.0.2.0/24
> 198.51.100.0/24
> 203.0.113.0/24
>
> Been wondering if I should also block 198.18.0.0/15 as well.

suresh@frodo 17:46:08 :~$ nslookup 1.113.0.203.bogons.cymru.com
Server: 127.0.0.1
Address: 127.0.0.1#53

Non-authoritative answer:
Name: 1.113.0.203.bogons.cymru.com
Address: 127.0.0.2

Also available as a BGP feed, for years now. Saves you updating your
martian ACLs from time to time.

--
Suresh Ramasubramanian (ops.lists@gmail.com)
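
The lookup shown in the message above, as an added example that is not part of the original post: it builds the reversed-octet query name for bogons.cymru.com and checks addresses against the prefixes named in the thread. The function names, the sample addresses and the reading of a non-resolving name as "not listed" are assumptions of this example.

```python
import ipaddress
import socket

BOGON_ZONE = "bogons.cymru.com"  # zone queried in the post above
# Prefixes named in the quoted message (198.18.0.0/15 is the one it asks about).
THREAD_PREFIXES = [ipaddress.ip_network(p) for p in (
    "169.254.0.0/16", "192.0.2.0/24", "198.51.100.0/24",
    "203.0.113.0/24", "198.18.0.0/15")]


def bogon_query_name(addr):
    """Reverse the IPv4 octets and append the zone, as in the nslookup above."""
    ip = ipaddress.IPv4Address(addr)  # ValueError on malformed input
    return ".".join(reversed(str(ip).split("."))) + "." + BOGON_ZONE


def thread_prefix_for(addr):
    """Return the thread prefix containing addr, or None."""
    ip = ipaddress.IPv4Address(addr)
    return next((n for n in THREAD_PREFIXES if ip in n), None)


def dns_listed(addr, resolver=socket.gethostbyname):
    """True: zone returned an A record. False: name not found.
    None: lookup failed, so the result is unknown, not 'clean'.
    Assumption: a name that does not resolve means 'not listed'."""
    try:
        resolver(bogon_query_name(addr))
        return True
    except socket.gaierror as exc:
        not_found = {socket.EAI_NONAME, getattr(socket, "EAI_NODATA", None)}
        return False if exc.errno in not_found else None


def audit(addrs, resolver=None):
    """Check each address locally, and via DNS when a resolver is given."""
    rows = []
    for a in addrs:
        listed = dns_listed(a, resolver) if resolver else None
        rows.append((a, thread_prefix_for(a), listed))
    return rows


if __name__ == "__main__":
    # Constructed sample source addresses, e.g. pulled from flow records.
    for row in audit(["203.0.113.1", "198.19.0.7", "169.254.10.1", "198.20.0.1"]):
        print(row)
```

Pass `socket.gethostbyname` as `resolver` to `audit` to query the zone live; a `None` in the third column means the lookup itself failed and the address should be rechecked rather than assumed clean.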