Home page logo
/

basics logo Security Basics mailing list archives

RE: Border Router Question - Ingress Filtering
From: "DeGennaro, Gregory" <Gregory_DeGennaro () csaa com>
Date: Thu, 13 Nov 2003 12:43:05 -0800

Yes, this will take care of everything unless of course they spoof the
permits or attack the established traffic like someone tried on me the other
day ...

They usually itemize the denies so there is better tracking, however this is
not always necessary.

I hope you have a big syslog server ... :-)

--Greg

-----Original Message-----
From: erisk [mailto:erisk () iinet net au] 
Sent: Tuesday, November 11, 2003 11:12 PM
To: security-basics () securityfocus com
Subject: Border Router Question - Ingress Filtering

Border routers ACL In rule

Acl in
permit tcp any host ***.***.***.**6
permit tcp any host ***.***.***.**5
permit tcp any host ***.***.***.**4
permit tcp any host ***.***.***.**3
deny ip any any log

The firewall then filters on a port level.

My question is if they are denying all IPs other that what is specified in
the list is it necessary to then add the standard spoofing deny rules (ie
drop localhost, mulicast, RFC1918 addresses etc)? This will be taken care of
the deny ip any any rule would it not?


---------------------------------------------------------------------------
Forum Systems PRESIDIO: PGP / XML GATEWAY APPLIANCE
The Presidio integrates PGP data encryption and XML Web Services security to

simplify the management and deployment of PGP and reduce overall PGP costs 
by up to 80%.
FREE WHITEPAPER & 30 Day Trial - 
http://www.securityfocus.com/sponsor/ForumSystems_security-basics_031027 
----------------------------------------------------------------------------

---------------------------------------------------------------------------
Forum Systems PRESIDIO: PGP / XML GATEWAY APPLIANCE
The Presidio integrates PGP data encryption and XML Web Services security to 
simplify the management and deployment of PGP and reduce overall PGP costs 
by up to 80%.
FREE WHITEPAPER & 30 Day Trial - 
http://www.securityfocus.com/sponsor/ForumSystems_security-basics_031027 
----------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]