[812] in bugtraq
Re: Router filtering not enough! (Was: Re: CERT advisory )
daemon@ATHENA.MIT.EDU (Jon Peatfield)
Fri Jan 27 12:36:25 1995
To: Paul Traina <pst@cisco.com>
Cc: jp107@amtp.cam.ac.uk, "Jonathan M. Bresler" <jmb@kryten.Atinc.COM>,
Jim Duncan
<jim@math.psu.edu>, rens@imsi.com, ddrew@mci.net,
firewalls@GreatCircle.COM, bugtraq@fc.net, z056716@uprc.com
In-Reply-To: Your message of "Thu, 26 Jan 1995 10:11:03 PST."
<199501261811.KAA16212@feta.cisco.com>
Date: Fri, 27 Jan 1995 15:05:48 +0000
From: Jon Peatfield <J.S.Peatfield@amtp.cam.ac.uk>
> This breaks people who might have their netmasks set incorrectly on the local
> net.
I was assuming you would configure it to know what local addresses are rather
then expecting it to work them out. So many sites use sub-netting and run
several sub-nets on one ethernet (we do), that determining the "local"
addresses is non trivial. A list of networks/netmasks together with a list of
router MAC addresses should be sufficient.
-- Jon
