Date: Sun, 7 Sep 2003 15:45:35 -0400 From: "fbsd_user" <fbsd_user@a1poweruser.com> To: "Guilmot Mike" <malenki@pandora.be>, "Alex Zivenko" <twistfire@rambler.ru>, <freebsd-questions@freebsd.org> Subject: RE: Spoofing, defense? Message-ID: <MIEPLLIBMLEEABPDBIEGEEBPEFAA.fbsd_user@a1poweruser.com> In-Reply-To: <002201c37543$49d01c60$0100a8c0@guilmot2cimcs9>
next in thread | previous in thread | raw e-mail | index | archive | help
I have not read anything about using this "#RFC 1918 private IP" in IPFILTER rule set. Is this a valid phrase? -----Original Message----- From: owner-freebsd-questions@freebsd.org [mailto:owner-freebsd-questions@freebsd.org]On Behalf Of Guilmot Mike Sent: Sunday, September 07, 2003 9:24 AM To: Alex Zivenko; freebsd-questions@freebsd.org Subject: Re: Spoofing, defense? Alex Zivenko wrote: > Everybody know what is spoofing. > How can I protect my server from it? It's a router to the internet, > but some of my friends spoof the address and go thrue the router. > Firewall can't protect. > Any suggestions? Follow an ipf howto/tutorial. There are MANY of them around. In my firewall I prevent it like: # Anti-spoof, no loggin [ I hate reading them ;-) ] block in quick on rl0 from 192.168.0.0/16 to any #RFC 1918 private IP block in quick on rl0 from 172.16.0.0/12 to any #RFC 1918 private IP block in quick on rl0 from 10.0.0.0/8 to any #RFC 1918 private IP block in quick on rl0 from 127.0.0.0/8 to any #loopback block in quick on rl0 from 0.0.0.0/8 to any #loopback block in quick on rl0 from 169.254.0.0/16 to any #DHCP auto-config block in quick on rl0 from 192.0.2.0/24 to any #reserved for doc's block in quick on rl0 from 204.152.64.0/23 to any #Sun cluster interconnect block in quick on rl0 from 224.0.0.0/3 to any #Class D & E multicast Hope this was what you meant ... Kind regards, Guilmot Mike _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?MIEPLLIBMLEEABPDBIEGEEBPEFAA.fbsd_user>