On Mon, Sep 17, 2001 at 12:50:26AM +0100, Pedro Corte-Real wrote: > I know they are: > > 10.0.0.0 - 10.255.255.255
10.0.0.0:255.0.0.0 aka 10.0.0.0/8 > 172.16.0.0 - 172.31.255.255 172.16.0.0:255.240.0.0 aka 172.16.0.0/12 > 192.168.0.0 - 192.168.255.255 192.168.0.0:255.255.0.0 aka 192.168.0.0/16 In addition you should block the link-local net and perhaps all multicast networks, if you are shure you do not use them. 127.0.0.0/8 Loopback 224.0.0.0/4 multicast 169.254.0.0/16 Microsoft Link Local Of course much more important is to block packets with your local network as source (maybe even destination if you do NAT). And to block outgoing spoofed and leaking (i.e. with your internal sender address) outgoing pacets in the egress filter. Greetings Bernd -- (OO) -- [EMAIL PROTECTED] -- ( .. ) [EMAIL PROTECTED],linux.de,debian.org} http://home.pages.de/~eckes/ o--o *plush* 2048/93600EFD [EMAIL PROTECTED] +497257930613 BE5-RIPE (O____O) When cryptography is outlawed, bayl bhgynjf jvyy unir cevinpl!
