North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: RFC1918 addresses to permit in for VPN?

  • From: Stephen Sprunk
  • Date: Mon Jan 01 06:23:38 2001

Thus spake <[email protected]>
> Using RFC1918 space also gets you an IP range where the outside
> world has no route to it -- Sorry, but no packets are not getting
there,
> ergo no way to hack.
...
> At that point, just by use of simple routing, you've effectively
> eliminated 100% of attacks from the outside, and you only have to
> worry about inside.  The front door is secure, now work on the back
> door.

Being convinced you're secure is the surest way to get yourself hacked.
Perfect security is impossible.

Remember, it's not paranoia when they *are* out to get you.

S

     |          |         Stephen Sprunk, K5SSS, CCIE #3723
    :|:        :|:        Network Design Consultant, GSOLE
   :|||:      :|||:       New office: RCDN2 in Richardson, TX
.:|||||||:..:|||||||:.    Email: [email protected]