|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: RFC1918 addresses to permit in for VPN?
On Sun, 31 Dec 2000, Stephen Stuart wrote: > > > No, but putting your car on a private road that you need to circumvent > > several roadblocks to reach IS a pretty good deterrent to its being in an > > accident. > > I doubt the roadblocks are anything serious in most cases; if all > you're doing is RFC1918 addressing, then source-routing on the > attacker's side can probably make your box theirs in short order. Most > people of this ilk I've encountered think so highly of RFC1918 > addressing as a security measure that they blindly assume no other > precautions are necessary. I would hope that no-one on this list would > stoop to *that* level of stupidity. Presenting a "security by > obscurity" argument is bad enough. > > Stephen > > Blocking source-routed packets at the borders will stop this in short order, except for those of you who peer with people who require "loose source routing". (Randy, I believe it was Verio that required this, am I mistaken?) --- John Fraizer EnterZone, Inc
|