[Dshield] Private IP addresses

Johannes B. Ullrich jullrich at euclidian.com
Fri Jul 27 13:13:47 GMT 2001

> My ISP doesn't bother to block 192.168 addresses on their own network,

  Overall, there is nothing wrong with an ISP using 'non routable' IPs
for internal machines. The problem is to filter them out on the gateway.
An ISP should not permit any traffic to leave its network with a source
IP that is not part of its public IP range. Also, it should not allow
any traffic in that is originating from non routable IPs.

jullrich at sans.org                    Join http://www.DShield.org
                                     Distributed Intrusion Detection System

More information about the list mailing list