RE: Border Router Question - Ingress Filtering

From: DeGennaro, Gregory (Gregory_DeGennaro_at_csaa.com)
Date: 11/13/03

  • Next message: Anders Reed-Mohn: "Re: Border Router Question - Ingress Filtering"
    To: erisk <erisk@iinet.net.au>, security-basics@securityfocus.com
    Date: Thu, 13 Nov 2003 12:43:05 -0800
    
    

    Yes, this will take care of everything unless of course they spoof the
    permits or attack the established traffic like someone tried on me the other
    day ...

    They usually itemize the denies so there is better tracking, however this is
    not always necessary.

    I hope you have a big syslog server ... :-)

    --Greg

    -----Original Message-----
    From: erisk [mailto:erisk@iinet.net.au]
    Sent: Tuesday, November 11, 2003 11:12 PM
    To: security-basics@securityfocus.com
    Subject: Border Router Question - Ingress Filtering

    Border routers ACL In rule

    Acl in
    permit tcp any host ***.***.***.**6
    permit tcp any host ***.***.***.**5
    permit tcp any host ***.***.***.**4
    permit tcp any host ***.***.***.**3
    deny ip any any log

    The firewall then filters on a port level.

    My question is if they are denying all IPs other than what is specified in
    the list is it necessary to then add the standard spoofing deny rules (i.e.
    drop localhost, multicast, RFC1918 addresses etc)? This will be taken care of
    by the deny ip any any rule would it not?

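An added example, not part of either message: a first-match ACL evaluator in Python that runs the ACL as posted, and the same ACL with source denies for the ranges named in the question placed in front of it, over a few constructed packets. The four masked hosts are replaced by constructed addresses from the 192.0.2.0/24 documentation range, all names are hypothetical, and only protocol, source and destination are modelled.

```python
import ipaddress

ANY = "0.0.0.0/0"
# Constructed stand-ins for the four masked hosts (documentation range).
PERMITTED_HOSTS = ["192.0.2.6", "192.0.2.5", "192.0.2.4", "192.0.2.3"]
# Source ranges named in the question: localhost, multicast, RFC 1918.
BOGON_SOURCES = ["127.0.0.0/8", "224.0.0.0/4",
                 "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16"]

def rule(action, proto, src, dst):
    return (action, proto, ipaddress.ip_network(src), ipaddress.ip_network(dst))

# The ACL as posted: four "permit tcp any host X", then "deny ip any any log".
POSTED_ACL = ([rule("permit", "tcp", ANY, h + "/32") for h in PERMITTED_HOSTS]
              + [rule("deny", "ip", ANY, ANY)])
# Same ACL with explicit source denies evaluated first.
ANTISPOOF_ACL = [rule("deny", "ip", s, ANY) for s in BOGON_SOURCES] + POSTED_ACL

def evaluate(acl, proto, src, dst):
    """First-match evaluation: return (action, 1-based index of the matching rule)."""
    src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for i, (action, r_proto, r_src, r_dst) in enumerate(acl, 1):
        # "ip" matches every protocol; "any" as source matches every address.
        if r_proto in ("ip", proto) and src in r_src and dst in r_dst:
            return action, i
    return "deny", None  # implicit deny when no rule matches

SAMPLE_PACKETS = [  # constructed: (protocol, source, destination)
    ("tcp", "10.1.2.3", "192.0.2.6"),       # RFC 1918 source, permitted host
    ("tcp", "127.0.0.1", "192.0.2.5"),      # loopback source, permitted host
    ("tcp", "224.0.0.9", "192.0.2.4"),      # multicast source, permitted host
    ("udp", "10.1.2.3", "192.0.2.6"),       # non-TCP, falls to the final deny
    ("tcp", "198.51.100.7", "192.0.2.3"),   # ordinary source, permitted host
    ("tcp", "198.51.100.7", "192.0.2.99"),  # host not in the permit list
]

def compare():
    """Return (packet, action under posted ACL, action under anti-spoof ACL)."""
    return [(p, evaluate(POSTED_ACL, *p)[0], evaluate(ANTISPOOF_ACL, *p)[0])
            for p in SAMPLE_PACKETS]

if __name__ == "__main__":
    for pkt, posted, hardened in compare():
        print(f"{pkt!s:45} posted={posted:6} with_source_denies={hardened}")
```

In the posted ACL, a TCP packet addressed to a permitted host matches its permit line whatever its source address, so it is never evaluated against `deny ip any any log`.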

