[25247] in North American Network Operators' Group


Re: Martian list of IP's to block???

daemon@ATHENA.MIT.EDU (rfuller@3x.com)
Fri Oct 1 08:09:38 1999

To: "John M. Brown" <jmbrown@ihighway.net>
Cc: nanog@merit.edu
Message-ID: <OF1A472F67.E919BB88-ON852567FD.0041BD2C@3x.com>
From: rfuller@3x.com
Date: Fri, 1 Oct 1999 08:02:23 -0400
MIME-Version: 1.0
Content-type: text/plain; charset=us-ascii
Errors-To: owner-nanog-outgoing@merit.edu



I used the ones Cisco outlined in their document IOS Essentials every ISP
Should Know.  Here is a copy of the list I use for our clients:

    deny   ip host 0.0.0.0 any log
    deny   ip 127.0.0.0 0.255.255.255 any log
    deny   ip 10.0.0.0 0.255.255.255 any log
    deny   ip 172.16.0.0 0.15.255.255 any log
    deny   ip 192.168.0.0 0.0.255.255 any log
    deny   ip xxx.xxx.xxx.0 0.0.0.255 any log
    deny   ip 224.0.0.0 31.255.255.255 any log

We are denying anyone that claims that their IP address is 0.0.0.0,
Loopback addresses, all of the RFC 1918 addresses, addresses coming into us
claiming they belong to our subnet, and multicast addresses.  It seems to
work for us.  I also turn off ip directed broadcasts to minimize smurf/DoS
attacks.  If you would like a copy of the document I used, let me know and
I'll e-mail a copy to you.

Ron Fuller, CCDP, CCNP-ATM, CCNP-Security, MCNE, MCP
3X Corporation
rfuller@3x.com






"John M. Brown" <jmbrown@ihighway.net>@merit.edu on 10/01/99 04:18:29 AM

Sent by:  owner-nanog@merit.edu


To:   nanog@merit.edu
cc:

Subject:  Martian list of IP's to block???



working on a document and was wondering if people could provide
the various versions of the Martian list that is used...

thanks
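
An added example, not part of the original thread or of the Cisco document it cites: a small Python evaluator for the source entries in the list above, useful for checking what each wildcard mask actually covers before deploying it (for instance, that `224.0.0.0 31.255.255.255` extends through 255.255.255.255). The `xxx.xxx.xxx.0` entry is replaced by the documentation prefix 192.0.2.0/24 as an assumption, and the sample source addresses are constructed.

```python
import ipaddress

# ACL source entries from the message above; the xxx.xxx.xxx.0 line is replaced
# by a constructed documentation prefix (192.0.2.0/24) standing in for "our subnet".
ACL = """\
deny ip host 0.0.0.0 any log
deny ip 127.0.0.0 0.255.255.255 any log
deny ip 10.0.0.0 0.255.255.255 any log
deny ip 172.16.0.0 0.15.255.255 any log
deny ip 192.168.0.0 0.0.255.255 any log
deny ip 192.0.2.0 0.0.0.255 any log
deny ip 224.0.0.0 31.255.255.255 any log
"""

def parse_acl(text):
    """Return a list of (base, wildcard, original_line) for each entry."""
    rules = []
    for line in text.splitlines():
        tok = line.split()
        if len(tok) < 4 or tok[0] != "deny" or tok[1] != "ip":
            continue
        if tok[2] == "host":
            base, wild = tok[3], "0.0.0.0"
        else:
            base, wild = tok[2], tok[3]
        rules.append((int(ipaddress.IPv4Address(base)),
                      int(ipaddress.IPv4Address(wild)), line.strip()))
    return rules

def first_match(src, rules):
    """Return the first entry whose source matches src, or None (no deny hit)."""
    addr = int(ipaddress.IPv4Address(src))
    for base, wild, line in rules:
        # Wildcard bits set to 1 are "don't care"; all other bits must equal the base.
        if (addr & ~wild & 0xFFFFFFFF) == (base & ~wild & 0xFFFFFFFF):
            return line
    return None

RULES = parse_acl(ACL)

if __name__ == "__main__":
    # Constructed sample source addresses.
    for src in ["0.0.0.0", "172.31.255.255", "172.32.0.1", "239.1.1.1",
                "240.0.0.1", "198.51.100.7"]:
        print(f"{src:16} -> {first_match(src, RULES) or 'no match in this list'}")
```
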







