In message <19990902114412.S13951@Space.Net>, "Gert Doering, Netmaster" writes:
Interesting enough, we don't observe many attacks - what we do see is LOTS of broken end user configurations (leaking RFC 1918 networks, customers leaking IP addresses from other ISPs, ...).
Talk about it. I don't log RFC1918 addresses anymore I just drop them. Some cheap NAT routers don't NAT UDP just pass it through. Most spoofed src attacks I've heard about happen from hi-jacked servers, so remember filters on your server parks too, in particular for co-hosted servers. -- Poul-Henning Kamp FreeBSD coreteam member phk@FreeBSD.ORG "Real hackers run -current on their laptop." FreeBSD -- It will take a long time before progress goes too far!