North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

RE: Please Check Filters - BOGON Filtering IP Space 72.14.128.0/19

  • From: Sean Donelan
  • Date: Thu Feb 17 03:21:16 2005

On Thu, 17 Feb 2005, Hank Nussbacher wrote:
> >Martian addresses are relatively static, and might be good candidates for
> >one-click security.  If you see a 127.0.0.0/8 packet floating around, its
> >probably up to no good.
>
> As are RFC1918 addresses.

Cisco routers are frequently used in enterprise networks, which may use
RFC1918 internally.  Again, not a good thing to auto-magically do for
naive network managers.  RFC1918 addresses may or may not be legitimate
depending on your network, just like "no ip classless" and the NSA
security guide.

I would not classify RFC1918 as "Martian" addresses.

Of course, if all network equipment did source address validation by
default, you wouldn't need bogon filters.