Re: [nsp] Forwarding packets with source address of 127.x

From: Basil V. Dolmatov (dol@east.ru)
Date: Thu Jan 06 2000 - 16:35:49 EST


On Thu, 6 Jan 2000, Tim Wolfe wrote:

> > According to RFC 1812, section 5.3.7, a router should not forward packets
> > with a source address in 127.x.y.z... However, several DOS style attacks
> > seem
> > to show this happening.
> >
> > Has Cisco in the past said they would not follow the RFC here, or is it a
> > bug?
>
> Are you sure it isn't one of those pieces of cra^H^HBa^H^HNortel Networks
> routers that's forwarding those packets? ;)
I am sure that Cisco boxes forward them too.. :(
I have several packets per day in my inbouned ACLs, coming from Cisco's.

>

---------------------------------------------------------
Basil (Vasily) Dolmatov CCIE #5347, CCNP-Security, CCDA
East Connection ISP, Moscow, Russia. (http://www.east.ru)



This archive was generated by hypermail 2b29 : Sun Aug 04 2002 - 04:12:08 EDT