On Thu, 17 Feb 2005, Hank Nussbacher wrote: > >Martian addresses are relatively static, and might be good candidates for > >one-click security. If you see a 127.0.0.0/8 packet floating around, its > >probably up to no good. > > As are RFC1918 addresses.
Cisco routers are frequently used in enterprise networks, which may use RFC1918 internally. Again, not a good thing to auto-magically do for naive network managers. RFC1918 addresses may or may not be legitimate depending on your network, just like "no ip classless" and the NSA security guide. I would not classify RFC1918 as "Martian" addresses. Of course, if all network equipment did source address validation by default, you wouldn't need bogon filters.
