On Sat, Feb 02, 2008 at 05:26:59AM -0600, Tony Abernethy wrote:
> elpinguim wrote:
> > On Fri, Feb 01, 2008 at 05:28:11PM +0100, Martin Schröder wrote:
> > > 2008/2/1, elpinguim <[EMAIL PROTECTED]>:
> > > > Configuring pf to not even respond to unallocated ip space also
> > > > helps. Search for Bogon filtering.
> > >
> > > No. This just adds another way for things to go wrong. KISS. :-)
> >
> > Really, what things? Script it, set cron to call it, done. Simple.
> >
> What happens when such as http://www.cymru.com/Documents/bogon-list.html
> gets moved to bogon space?
> How do you access information from an address that you insist cannot exist?
> How do you script things when the format changes?
>
> At any rate, why bother spoofing from a bogon address?
> It has to be easy to find unused IP addresses in legitimate address blocks.

Assuming that one is relying on a poorly maintained (or abandoned) bogons list, then yes, I would agree there would be a problem.

But if the bogons list is actively reflecting the changes of IP allocation on a daily basis (i.e. whois databases from ARIN, RIPE, APNIC) as well as the system that's using it, would there still be a problem? Not likely.

--
i am jack's annoying signature.
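
The two failure modes raised in this thread, a list URL that moves and a format that changes, can be caught by the cron script before pf loads anything. The following is an added example, not code from any poster in the thread; `MIN_ENTRIES`, the function names, the file names, the `bogons` table name and the sample data are assumptions.

```shell
#!/bin/sh
# Added example: validate a fetched bogon list before pf ever sees it.
# MIN_ENTRIES, the file names and the sample data are assumptions.
MIN_ENTRIES=${MIN_ENTRIES:-5}

# validate_bogons FILE: print the cleaned IPv4 CIDR entries on stdout.
# Exit 1: a non-comment line is not a CIDR (format changed, HTML error page).
# Exit 2: fewer than MIN_ENTRIES entries (empty or truncated download).
validate_bogons() {
    awk -v min="$MIN_ENTRIES" '
        { sub(/#.*/, ""); gsub(/[ \t\r]/, "") }
        $0 == "" { next }
        {
            n = split($0, p, "/"); m = split(p[1], o, "[.]")
            if (n != 2 || m != 4 || p[2] !~ /^[0-9]+$/ || p[2] + 0 > 32) { bad = 1; exit }
            for (i = 1; i <= 4; i++)
                if (o[i] !~ /^[0-9]+$/ || o[i] + 0 > 255) { bad = 1; exit }
            out[++count] = $0
        }
        END {
            if (bad) exit 1
            if (count < min) exit 2
            for (i = 1; i <= count; i++) print out[i]
        }' "$1"
}

# update_bogons FETCHED LIVE: replace LIVE only when FETCHED validates, so a
# bad download leaves the previous list (and the running table) untouched.
update_bogons() {
    tmp=$(mktemp) || return 3
    validate_bogons "$1" > "$tmp" || { rc=$?; rm -f "$tmp"; return "$rc"; }
    mv "$tmp" "$2"
    # On the firewall, follow a successful update with:
    #   pfctl -t bogons -T replace -f "$2"
}

# make_samples DIR: write constructed sample downloads for a dry run.
make_samples() {
    printf '%s\n' '# constructed sample' 0.0.0.0/8 10.0.0.0/8 127.0.0.0/8 \
        169.254.0.0/16 '172.16.0.0/12  # RFC 1918' 192.168.0.0/16 > "$1/good"
    printf '%s\n' '<html><body>Document moved</body></html>' > "$1/moved"
    printf '%s\n' 10.0.0.0/8 192.168.0.0/16 > "$1/short"
}
```

A non-zero return from `update_bogons` is the signal for cron to mail the operator rather than reload the table.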