15 Jul
2000
15 Jul
'00
1:14 a.m.
In article <Pine.BSF.4.21.0007141956280.95155-100000@overlord.e-gerbil.net>, "Richard A. Steenbergen" <ras@e-gerbil.net> wrote:
I still have not seen a single compelling arguement which says you gain one bit more security by filtering RFC1918-source'd packets. It is useless at best, and disruptive at worst.
I don't know my TCP/IP stack well enough, but what happens when a host with multiple interfaces, one of which is assigned an RFC1918 address, receives an packet through another interface with a source address the same RFC1918 address. Are the stacks smart enough to realize the packet is really an external packet, or will they assume the packet came from inside.