For a good list of what to block inbound on your serial interfaces, see Rob Thomas' excellent Secure IOS Config page:
http://www.cymru.com/~robt/Docs/Articles/secure-ios-template.html

See access-list 2010 specifically.  Lots of other great tips and tweaks in there as 
well.

Only things to be sure to add to this list of RFC1918 & unallocated IP space are your own internal IPs (which should never appear inbound at your edge interfaces...), and of course the all important PERMIT IP ANY ANY at the end of the list if you don't want to take your net down. ;-)

Also see the SANS site for the top 20 (or whatever) ports to block with Cisco routers.
Layered defense is a beautiful thing. Take advantage of ACLs.

HTH,

Joe

>>> Jon Vandiveer <[EMAIL PROTECTED]> 11/29/01 10:57AM >>>
Securing Cisco Routers
http://www.cisco.com/warp/public/707/21.html
http://www.cisco.com/warp/public/707/3.html
http://www.cisco.com/warp/public/707/4.html


You should block RFC 1918 addresses at your perimeter routers.
I used to have a list of the reserved addresses, but cannot find them right
now.
Multicast and broadcast should be blocked, unless needed for some reason.

Jon


Date:    Wed, 28 Nov 2001 19:10:59 +0530
From:    Mohan Sundar <[EMAIL PROTECTED]>
Subject: How to block Spoofing ??

Hi All,

    I have seen many IP addresses try to establish connections with my
network. I came to know this from my firewall log, but these are not really
from the original hosts. I feel somebody is spoofing the IP and attacking my
network, hence I would like to block this spoofing.
Does anybody know how to block this spoofing? And is there any special
software available to identify spoofing?
I feel the spoofing option provided by Check Point is not effective,
since it can only block packets which arrive at the external NIC with private
IP/LocalNet IP addresses...
Any input regarding spoofing is appreciated.

Thanks & regards,
MOHi




Jon Vandiveer
[EMAIL PROTECTED]

"They that can give up essential liberty to obtain a little temporary safety
deserve neither liberty nor safety."
- Benjamin Franklin, Historical Review of Pennsylvania, 1759.
rm -rf /bin/laden

===============================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
===============================================
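
The filtering advice in this thread, as an added example that is not part of the original messages: a first-match list modelled on a router ACL, run over firewall log lines to pick out inbound source addresses that should never arrive from outside. Assumptions: 198.51.100.0/24 stands in for "your own internal IPs", the log line format is constructed, and the unallocated-space entries are left out because that list changes over time.

```python
import ipaddress
import re

# Assumption: placeholder for your own internal prefix.
OWN_PREFIX = "198.51.100.0/24"

# Ordered like a router ACL: the first matching entry decides.
INBOUND_ACL = [
    ("deny", "10.0.0.0/8"),          # RFC 1918
    ("deny", "172.16.0.0/12"),       # RFC 1918
    ("deny", "192.168.0.0/16"),      # RFC 1918
    ("deny", "224.0.0.0/4"),         # multicast
    ("deny", "255.255.255.255/32"),  # limited broadcast
    ("deny", OWN_PREFIX),            # own space arriving from outside
    ("permit", "0.0.0.0/0"),         # the "permit ip any any" last line
]

def evaluate(src, acl=INBOUND_ACL):
    """Return (action, entry) for the first match; implicit deny if none."""
    addr = ipaddress.ip_address(src)
    for action, net in acl:
        if addr in ipaddress.ip_network(net):
            return action, net
    return "deny", "implicit"

SRC_RE = re.compile(r"\bsrc=(\d{1,3}(?:\.\d{1,3}){3})\b")

def spoof_candidates(log_lines, acl=INBOUND_ACL):
    """Return [(src, matched_entry)] for inbound lines the list would drop."""
    hits = []
    for line in log_lines:
        m = SRC_RE.search(line)
        if not m:
            continue
        action, net = evaluate(m.group(1), acl)
        if action == "deny":
            hits.append((m.group(1), net))
    return hits

# Constructed sample lines (not a real firewall log format).
SAMPLE_LOG = [
    "if=ext0 dir=in src=10.1.2.3 dst=198.51.100.10 dport=80",
    "if=ext0 dir=in src=203.0.113.7 dst=198.51.100.10 dport=25",
    "if=ext0 dir=in src=198.51.100.44 dst=198.51.100.10 dport=139",
    "if=ext0 dir=in src=172.20.5.5 dst=198.51.100.10 dport=53",
    "if=ext0 dir=in src=239.1.1.1 dst=198.51.100.10 dport=0",
]

if __name__ == "__main__":
    for src, net in spoof_candidates(SAMPLE_LOG):
        print(f"{src} matches deny {net}")
```

Passing `INBOUND_ACL[:-1]` to `evaluate` shows why the final permit matters: with it removed, every source falls through to the implicit deny.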
