Spoofing, defense?
fbsd_user
fbsd_user at a1poweruser.com
Sun Sep 7 12:45:38 PDT 2003
I have not read anything about using this "#RFC 1918 private IP" in
IPFILTER rule set.
Is this a valid phrase?
-----Original Message-----
From: owner-freebsd-questions at freebsd.org
[mailto:owner-freebsd-questions at freebsd.org]On Behalf Of Guilmot
Mike
Sent: Sunday, September 07, 2003 9:24 AM
To: Alex Zivenko; freebsd-questions at freebsd.org
Subject: Re: Spoofing, defense?
Alex Zivenko wrote:
> Everybody know what is spoofing.
> How can I protect my server from it? It's a router to the
internet,
> but some of my friends spoof the address and go thrue the router.
> Firewall can't protect.
> Any suggestions?
Follow an ipf howto/tutorial.
There are MANY of them around.
In my firewall I prevent it like:
# Anti-spoof, no loggin [ I hate reading them ;-) ]
block in quick on rl0 from 192.168.0.0/16 to any #RFC 1918 private
IP
block in quick on rl0 from 172.16.0.0/12 to any #RFC 1918 private IP
block in quick on rl0 from 10.0.0.0/8 to any #RFC 1918 private IP
block in quick on rl0 from 127.0.0.0/8 to any #loopback
block in quick on rl0 from 0.0.0.0/8 to any #loopback
block in quick on rl0 from 169.254.0.0/16 to any #DHCP auto-config
block in quick on rl0 from 192.0.2.0/24 to any #reserved for doc's
block in quick on rl0 from 204.152.64.0/23 to any #Sun cluster
interconnect
block in quick on rl0 from 224.0.0.0/3 to any #Class D & E multicast
Hope this was what you meant ...
Kind regards,
Guilmot Mike
_______________________________________________
freebsd-questions at freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to
"freebsd-questions-unsubscribe at freebsd.org"
More information about the freebsd-questions
mailing list