>On Tuesday 24 October 2006 15:22, Davide Libenzi wrote: >> On Tue, 24 Oct 2006, CLEMENT Francis wrote: >> > Hello >> > >> > This post is not directly xmail or glst related, but I don't know where >> > to post at this time for informations. >> > >> > Trying to use the content of glst-lame.dbm to generate some local >> > blacklist, i noticed that some entries indicate 192.168 private network ! >> > >> > As my internal network don't use this class B, I don't understand ! >> > >> > Does it means my server was under ip spoofing attacks ? >> > >> > Does this mean that some weak routers on internet route rfc 1918 subnets >> > to me ? >> >> In theory yes, but the closer the spoofer is to you, the lesser routers >> will have to go through. >
Thanks Davide, its exactly what I think >When I first started managing my own internet access, I had rules in my >firewall to drop any private IPs coming from the outside. I went years >without a single hit on those rules. I eventually decided it wasn't worth the >CPU cycles to check every new connection for impossible packets and deleted >those rules. Maybe I should reconsider... > >Jeff I did the same on my firewalls after considering these subnets could never reach my network per rfc 1918 statements ! But it seems many Internet connection providers never read rfc's or apply them correctly :-( (its so easy to sell expensive options like firewall boxes that will do that should normally be the basic.) Now I will reinstall rules for rfc 1918 filtering :( Francis - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]