Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
From: Boris Lorenz (bololupa.de)
Date: Fri Jan 19 2001 - 05:36:49 CST
On 19-Jan-01 Richard wrote:
> On Friday 19 January 2001 10:57, you wrote:
>> You will find the revised list on
>> www.isi.edu/iana/assignments/ipv4-address-space, or here:
>> INTERNET PROTOCOL ADDRESS SPACE
>> The allocation of Internet Protocol version 4 (IPv4) address space
>> to various registries is listed here. Originally, all the IPv4
>> address spaces was managed directly by the IANA. Later parts of
>> the address space were allocated to various other registries to
>> manage for particular purposes or regional areas of the world. RFC
>> 1466 documents most of these allocations.
> Now all I have to do is try to understand what to do with it :))
IANA used to assign any netblock on the internet, from 000/8 to 255/8. After a
while they decided to transfer the authority for certain address space ranges
to other registrars like RIPE, APNIC, DENIC, ARIN and so forth.
There are still a number of netblocks assigned to IANA, so if you build
firewalls you may want to exclude these from normal traffic because there are no
users or hosts in these reserved ranges who may contact you. Connection
attempts from these address ranges are most certainly spoofed and should be
If you use ipchains, all you have to do is to block these ranges. Like this:
ipchains -A input -i eth0 -s 18.104.22.168/8 -j DENY -l
This command line denies access for any host in the range 22.214.171.124/8 and logs
connection attempts to your syslog. 126.96.36.199/8 (as you can see from my list
posted earlier) still is reserved by IANA and should be blocked. Dito with
other ranges which are marked "IANA - Reserved".
You should check back to IANAs website from time to time for updates.
Just don't block any ranges currently managed by other registrars than IANA
because some of these netblocks may have been given to ISPs. If you block them,
some users of these ISPs would not be able to contact you anymore.
Hope this helps.
--- Boris Lorenz <bololupa.de> System Security Admin *nix - *nux ---
--------------------------------------------------------------------- To unsubscribe, e-mail: suse-security-unsubscribesuse.com For additional commands, e-mail: suse-security-helpsuse.com