The SANS site http://www.sans.org/dosstep/ list some IP's that should be
blocked from leaving a firewall. The code in the stopMartians function
of (Dachstein) ipfilter.conf blocks all but one of the addresses listed
in that document. The exception is
192.0.2.0/24 - TEST-NET
ipfilter.conf has the rule
$IPCH -A $LIST -j DENY -p all -s 192.0.0.0/24 -d 0/0 -l $*
Is that a typo?
_______________________________________________
Leaf-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
