[Dshield] @home users: ICMP echo: ?

John Hardin johnh at aproposretail.com
Tue May 29 20:36:56 GMT 2001

BarkerJr wrote:
> Tracing route to over a maximum of 30 hops

192.168.x.x is a reserved-for-private-use netblock. Any traceroute
you try on it will be totally useless.

Your ISP should be blocking the following networks (both source and
destination) at their backbone feeds and on internal routers. Contact
your ISP and complain - you might even get results if they're
clueful...     (<- loopback, should never be "on the wire")

If they whinge about performance, tell them eight rules (or four rules
and four routes) aren't a big deal, and they should obey the RFCs and
also be good network citizens, as this is useful in DDoS prevention.

Personally I get a kick out of somebody scanning me from a
reserved-private network address. Nothing shouts SCRIPT KIDDIE L33T
HAX0R WANNABE louder than that... "You can't even configure your own
flippin' network connection and you think you're going to crack *me*?"


John Hardin                                   <johnh at aproposretail.com>
Internal Systems Administrator                    voice: (425) 672-1304
Apropos Retail Management Systems, Inc.             fax: (425) 672-0192
 6 days until A2K++ session 2 begins

More information about the list mailing list