[23772] in North American Network Operators' Group
Re: address spoofing
daemon@ATHENA.MIT.EDU (bmanning@vacation.karoshi.com)
Thu Apr 22 20:52:06 1999
From: bmanning@vacation.karoshi.com
To: dts@senie.com (Daniel Senie)
Date: Thu, 22 Apr 1999 17:56:33 -0700 (PDT)
Cc: randy@psg.com, nanog@merit.edu
In-Reply-To: <371FBC56.7CB076E1@senie.com> from "Daniel Senie" at Apr 22, 99 08:18:30 pm
Errors-To: owner-nanog-outgoing@merit.edu
> > anyone have clues other than net slime and misconfigured nats?
>
> I actually have never seen a NAT box do this (but would like to hear
> about such cases). The NAT implementations I've worked with have been
> extremely good about avoiding leaks.
On a related issue, yesterday I discovered a number of sites that
claimed to have a firewall in place with RFC 1918 space on one side
and Internet space on the other. on investigation, it turned out
that the firwall was a router, routing the RFC 1918 space and consisted of
specific ACLs for services.
I came away impressed.
--bill
