Linux -Blue forest free software | Return to home page | Site Map | Search WWW | Contact Us |
Your current position : Homepage > Free Software > Technological exchanges >Network Communication


    

Blue Forest http://www.lslnet.com at 13:28 on July 26, 2006

ACL queries?


This is what I see in the strengthening of the Internet router security, why do I wan direction of the increase in the acl 101 after line?


First, the security strategy based on the Access List
1. Prevent external IP address spoofing
External network users may use IP addresses the legitimate internal network addresses or loop as a source address, thus illegal visit. In view of such problems could visit the following table : creation
Access-list 101 deny any ip 10.0.0.0 0.255.255.255
Access-list 101 deny any ip 192.168.0.0 0.0.255.255
Access-list 101 deny any ip 172.16.0.0 0.0.255.255
! Stop source address of the private addresses of all communications flow.
Access-list 101 deny any ip 127.0.0.0 0.255.255.255
! Stop source address of the loop address all communications flow.
Access-list 101 deny any ip 224.0.0.0 7.255.255.255
! Stop source address of the multi-purpose address all communications flow.
Access-list 101 deny any ip host 0.0.0.0
! Not set out to prevent the flow of communication source addresses.
Note : in the direction toward the use of 101 external adapter filters.

Deny all

Serious reunification

Thank you, understand.

Not even PERMIT
[ Closed window ]


 Privacy Policy  Copyright © 1999-2000 LSLNET.COM. All rights reserved. Blue Forest website owners. E-mail : Webmaster@lslnet.com