[AusNOG] icmp best practise

Paul Wilkins paulwilkins369 at gmail.com
Mon Nov 23 15:17:45 EST 2015


In addition to the above, on an internet facing router, you should be doing:
1 - anti spoofing
2 - block directed broadcast
3 - control plane policing:

http://www.cisco.com/web/about/security/intelligence/coppwp_gs.html

Kind regards

Paul Wilkins

On 23 November 2015 at 15:02, Jonathan Brewer <jon.brewer at gmail.com> wrote:

>
> On 23 November 2015 at 16:15, David Hughes <david at hughes.com.au> wrote:
>
>>
>> Not sure APNIC is the starting point for this.  Team Cymru could be a
>> good first point of reference.
>>
>>         https://www.cymru.com/Documents/icmp-messages.html
>>
>
> This is a very good starting point.
>
>
>
>
>
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20151123/1a7a74bf/attachment.html>


More information about the AusNOG mailing list