On Wed, 11 Dec 2002 12:59:12 PST, David Gillett <gillettdavidat_private> said:

> Reality, therefore, is that packets from these source
> addresses are seen on the public Internet, and that any
> router/firewall/gateway at a security perimeter should
> drop them.

Close to 30% of the traffic at the root nameservers have sources in RFC1918 space. This indicates:

1) A lot of systems behind a NAT have broken configurations causing DNS lookups.
2) The NAT itself is broken allowing the 1918 address to escape.
3) The ISP isn't filtering.

There's a *lot* of stupid configuration out there.

--
Valdis Kletnieks
Computer Systems Senior Engineer
Virginia Tech
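Added example, not part of the original message: a Python sketch of the perimeter check discussed above, classifying packet sources seen on the public side of a gateway and reporting the share that falls in RFC1918 space. The record format, function names and sample addresses are constructed for illustration.

```python
import ipaddress

# The three RFC 1918 ranges, listed explicitly. ipaddress's is_private flag
# is broader (loopback, link-local, documentation ranges), so it would
# overcount here.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def is_rfc1918(addr):
    ip = ipaddress.ip_address(addr)
    return ip.version == 4 and any(ip in net for net in RFC1918)

def perimeter_verdict(direction, src):
    """direction 'in'  = packet arriving from the public side,
       direction 'out' = packet leaving to the public side (after NAT)."""
    if not is_rfc1918(src):
        return "pass"
    # Inbound: a private source cannot be legitimate on the public Internet.
    # Outbound: the address escaped translation and would leak upstream.
    return "drop-ingress" if direction == "in" else "drop-egress-leak"

# Constructed sample records (direction, source address). Includes the
# addresses just outside each range to exercise the prefix boundaries.
SAMPLE = [
    ("in",  "198.51.100.7"),
    ("in",  "10.1.2.3"),
    ("out", "192.168.1.50"),
    ("out", "203.0.113.9"),
    ("in",  "172.31.255.254"),
    ("in",  "172.32.0.1"),
    ("in",  "172.15.255.255"),
    ("out", "192.0.2.10"),
    ("in",  "11.0.0.1"),
    ("in",  "192.169.0.1"),
]

def summarize(records):
    """Return (verdict counts, fraction of records with an RFC1918 source)."""
    counts = {}
    for direction, src in records:
        verdict = perimeter_verdict(direction, src)
        counts[verdict] = counts.get(verdict, 0) + 1
    dropped = len(records) - counts.get("pass", 0)
    return counts, dropped / len(records)

if __name__ == "__main__":
    counts, share = summarize(SAMPLE)
    print(counts, f"{share:.0%} of sample sources are RFC1918")
```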
This archive was generated by hypermail 2b30 : Thu Dec 12 2002 - 09:26:26 PST