mailing list archives
Re: wireless security on notebooks
From: Orlin Gueorguiev <orlin () baturov com>
Date: Sun, 30 Sep 2007 21:40:54 +0200
Blocking incoming packets to your WAN from any private scheme
of IP addresses - 10.0.0.0 – 10.255.255.255 172.16.0.0 – 172.31.255.255
and 192.168.0.0 – 192.168.255.255 - is a good idea. In networking terms
is called IP Spoofing meaning that someone using any IP from the above
range may deceive your firewall settings and interpreted as someone from
your internal network!!
Is there a singularity with these address ranges ?
Yep, those addresses are only for internal usage, they should not be routed in
a WAN! thus blocking them is a good idea. Blocking 127.x.x.x on every
computer/router/etc is a good practice as well, because it should be used
for only internal comunication.