North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: ingress filtering
I have the luxury of being able to filter for source address at my ingress points on only two routers. That makes it relatively easy to do. I find a surprising number of packets with source addresses from inside my network or from the private IP space. Brian On Thu, 28 May 1998, Mr. Dana Hudes wrote: > Who *does* do ingress filtering? I have it on our border routers > and customer connect ports. We have transit from MCI and UUNET. > Neither has ingress filters -- see below message from MCI on > this. > The result of course is that spammers and other bad guys can try > to attack your systems with forged source IP addresses. > Random strange people in the 'net send "NETBIOS name service" > (port 137) packets to my unix mail relay, which of course ignores > them. > Other such fun things continue to be seen in the logs. > > > Subject: Re: RFC1918 addresses from MCI > Date: Thu, 28 May 1998 08:16:23 -0700 > From: [email protected] > To: [email protected] > CC: [email protected] > > Mr. Hudes, > > > Thank you for your note. MCI does not currently source filter > address > space at it's ingress points. Addresses sourced from > non-routable or > invalid addresses are not blocked or filtered. Addresses > destined to > non-routable addresses spaced are not routed. > > If you think it is a security issue and it is on-going then > please > contact us with the target address so we can investigate. > > > Regards, > > > -Julian Min >
|