Firewalls: Re: NYT Article this morning

Firewalls
(January 1995)

Indexed By Thread: [Previous] [Next]

Subject:	Re: NYT Article this morning
From:	John Adams <jna @ concorde . com>
Date:	Mon, 23 Jan 1995 18:08:48 -0500
To:	firewalls @ GreatCircle . COM, rens @ imsi . com

Old News.

They probably got a copy of the CERT advisory too, and they're reposting
it like it's some sort of new problem. CERT should have just posted this as
part of a monthly FAQ or so, but it's no new threat. People have been
able to do this for a LONG time. Configure your outside routers properly.

Ignore all address from coming from the outside in to block packets from
your domain (sound confusing?) 

Just make sure you're blocking your perimeter's domain address from the outside
so people can't spoof. (see: Ches 'n bellovin's book, or their paper on
the same subject as pointed to by the latest CERT advisory.)

			-john adams

Indexed By Date	Previous:	Re: CERT advisory From: Adam Shostack <adam @ bwh . harvard . edu>
Indexed By Date	Next:	Re: Oracle proxy gw anyone? From: John Adams <jna @ concorde . com>
Indexed By Thread	Previous:	Re: NYT Article this morning From: swlodin @ cs . purdue . edu (Steven W. Lodin)
Indexed By Thread	Next:	Re: NYT Article this morning From: zbo @ netcom . com (James A. Shankland)