On Tue, 12 Feb 2002, Rajeev Kumar wrote: > Antispoofing and IP based restriction may be option here also. > Example: (let's say I want to deny traffic from network 192.168.0.0/24 on > internal interface)
That doesn't stop an internal user on the same subnet from "stealing" a valid IP address. Paul ----------------------------------------------------------------------------- Paul D. Robertson "My statements in this message are personal opinions [EMAIL PROTECTED] which may have no basis whatsoever in fact." _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] http://lists.gnac.net/mailman/listinfo/firewalls
