On Monday 17 September 2001 01:22, Bernd Eckenfels wrote: > On Mon, Sep 17, 2001 at 12:50:26AM +0100, Pedro Corte-Real wrote: > > I know they are: > > > > 10.0.0.0 - 10.255.255.255 > > 10.0.0.0:255.0.0.0 aka 10.0.0.0/8 > > > 172.16.0.0 - 172.31.255.255 > > 172.16.0.0:255.240.0.0 aka 172.16.0.0/12 > > > 192.168.0.0 - 192.168.255.255 > > 192.168.0.0:255.255.0.0 aka 192.168.0.0/16 > > In addition you should block the link-local net and perhaps all multicast > networks, if you are shure you do not use them. > > 127.0.0.0/8 Loopback > 224.0.0.0/4 multicast > 169.254.0.0/16 Microsoft Link Local
All these are blocked now, thanks > > Of course much more important is to block packets with your local network > as source (maybe even destination if you do NAT). And to block outgoing > spoofed and leaking (i.e. with your internal sender address) outgoing > pacets in the egress filter. > How do I do this? > Greetings > Bernd
