On Thu, 29 Aug 2002 18:21:07 -0000, wykkydziplip.com said:

> Three scenarios, both based on the facts that (1) ZoneAlarm is host-based,
> ans (2) 10.x is not an internet-routable protocol (as in, no router will
> forward it outside of your own network):

An *AMAZING* number of routers will forward these things out into the Internet.

An even more amazing number of ISPs fail to do proper ingress routing to stop
borked packets from their customers entering into the Internet at large.

The fact that RFC1918 space (10.x.x.x, etc) isn't usable on the public
network (by definition) doesn't mean that you won't see inbound packets
with RFC1918 source addresses.

-- 
				Valdis Kletnieks
				Computer Systems Senior Engineer
				Virginia Tech

-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux) Comment: Exmh version 2.5 07/13/2001

iD8DBQE9b9ficC3lWbTT17ARAj+RAKCEMJu1z2Dp0yYtPWoBwVYZL2GQpgCfaL3k eEjCxqaJUpQko6O5+9tF7RI= =WP0a -----END PGP SIGNATURE-----

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]