At 10:43 PM 7/8/96 -0400, Todd Graham Lewis wrote:
If you have a very restrictive security policy, then you might want to place a packet filter on all outgoing traffic. If your network is 10.1.1.64/26, then you might have the following two rules:
action source destination ------ ------ -----------
allow 10.1.1.64/26 * deny * *
Of course, no one does this, because it is very time consuming for your router to examine every packet in this way. This translates into more marginal cost on your hardware for very little return.
Say that person X, the person who owns the network from which these pings are apparently originating, did have such a filter. What does this do? It proves that the packets are not originating on his network. Does it stop anyone else from forging these packets? No.
Actually it doesn't prove that. The filter would /allow/ the pavckets to pass through the router since they were coming from one of his networks. If everyone else on the planet had such a rule it would prove that it /was/ coming from him. Justin Newton Internet Architect Erol's Internet Services