Re: (PM) DoS attack

Jason Hatch (zone@berkshire.net)
Wed, 25 Feb 1998 12:37:01 -0500 (EST)

Why are you blocking reserved addresses? I thought these were unroutable
to begin with?

-Jason

On Wed, 25 Feb 1998, David Denney wrote:

> > > > add filter e.out
> > > > set filter e.out 1 permit Assigned_Address/27
> > > > set filter e.out 2 permit Ether0_Address/32
> > > > set filter e.out 3 deny
> > > > set ether0 ofilter e.out
> > > > save all
>
> > You need to add a permit line for your static address pool as well. I
> > mentioned this in my note quoted above.
>
> I ended up using a different filter that addresses my problem
> more directly. I have lots of dialup address space, and anybody
> could end up on any portmaster. I restricted the scope of my filter
> to preventing packets destined for the portmaster from leaving.
> It also blocks reserved networks. My border router blocks spoofed
> traffic from leaving my network. It would be nice to have a filter
> that could be applied onto a dialup port that would block source
> addresses other than ones assigned to the port without having to
> have a different filter for each customer.
>
> add filter e.out
> set filter e.out 1 deny 0.0.0.0/0 206.124.x.x/26
> set filter e.out 2 deny 127.0.0.0/8 0.0.0.0/0
> set filter e.out 3 deny 10.0.0.0/8 0.0.0.0/0
> set filter e.out 4 deny 172.16.0.0/12 0.0.0.0/0
> set filter e.out 5 deny 192.168.0.0/16 0.0.0.0/0
> set filter e.out 6 permit
> set ether0 ofilter e.out
> save all
>
>
> --
> David Denney | D i m e n s i o n a l C o m m u n i c a t i o n s |
> daud@dimensional.com | Shell & PPP * $25/mo 33K/56Kbps * $50/mo 64K ISDN |
> 303.285.INET voice | http://www.dimensional.com/ info@dimensional.com |
> 888.3.DIMCOM tollfree | Denver * Boulder * Longmont * Bailey * CO Springs |
>
> protect your freedom, while you still can, finger me for PGP key, use it!
>
> -
> To unsubscribe, email 'majordomo@livingston.com' with
> 'unsubscribe portmaster-users' in the body of the message.
> Searchable list archive: <URL:http://www.livingston.com/Tech/archive/>
>

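
An added example (not from the thread and not Livingston's code) that models the second e.out filter quoted above as an ordered rule list, evaluates packets against it, and audits whether every RFC 1918 source block is actually denied. It assumes first-match evaluation with deny when nothing matches, and uses 192.0.2.0/26 as a placeholder for the elided 206.124.x.x/26 subnet; all addresses and function names in it are constructed.

```python
import ipaddress

# Constructed placeholder: the post elides the real PortMaster subnet
# (206.124.x.x/26), so a documentation range stands in for it.
PORTMASTER_NET = "192.0.2.0/26"
ANY = "0.0.0.0/0"
RFC1918 = ["10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16"]

def build_filter(private_nets):
    """Rules as (action, source, destination), in the order of filter e.out."""
    rules = [("deny", ANY, PORTMASTER_NET), ("deny", "127.0.0.0/8", ANY)]
    rules += [("deny", net, ANY) for net in private_nets]
    return rules + [("permit", ANY, ANY)]

def evaluate(rules, src, dst):
    """Return (action, rule number) for a packet.
    Assumption: first matching rule wins; no match means deny."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for number, (action, src_net, dst_net) in enumerate(rules, 1):
        if s in ipaddress.ip_network(src_net) and d in ipaddress.ip_network(dst_net):
            return action, number
    return "deny", None

def uncovered_private_sources(rules, probe_dst="198.51.100.7"):
    """RFC 1918 blocks whose first or last address can still leave."""
    leaks = []
    for block in RFC1918:
        net = ipaddress.ip_network(block)
        edges = (str(net[0]), str(net[-1]))
        if any(evaluate(rules, src, probe_dst)[0] == "permit" for src in edges):
            leaks.append(block)
    return leaks

if __name__ == "__main__":
    good = build_filter(RFC1918)
    # Constructed packets: (source, destination)
    for src, dst in [("203.0.113.9", "192.0.2.10"),     # aimed at the PortMaster
                     ("10.1.2.3", "198.51.100.7"),      # private source, public target
                     ("203.0.113.9", "198.51.100.7")]:  # ordinary customer traffic
        print(src, "->", dst, evaluate(good, src, dst))
    # A mistyped prefix (constructed) leaves part of a private block uncovered.
    typo = build_filter(["10.0.0.0/8", "172.0.0.0/12", "192.168.0.0/16"])
    print("uncovered:", uncovered_private_sources(typo))
```

The audit only probes the first and last address of each private block, which is enough to catch a wrong base address or prefix length on a deny rule.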