[Dshield] Unexpected ARP traffic on my internal network

John Hardin johnh at aproposretail.com
Wed Oct 24 20:56:12 GMT 2001


On Wed, 24 Oct 2001, Pieter-Bas IJdens wrote:

> Why not just configure your firewall machine to drop any packet that
> arrives on the external interface and appears to have an internal
> address.

Agreed. This is *basic* firewall security practice.

Also drop all outbound traffic that does not have a source address of your
internal network.

-- 
John Hardin                                   <johnh at aproposretail.com>
Internal Systems Administrator                    voice: (425) 672-1304
Apropos Retail Management Systems, Inc.             fax: (425) 672-0192
-----------------------------------------------------------------------
 5 days until Daylight Savings Time ends




More information about the list mailing list