cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
225
Views
0
Helpful
1
Replies

ip verify-reverse path on PIX 515

ewieczorek
Beginner
Beginner

Hello.

In an effort to protect my network from IP Spoofing, I was thinking about applying the "ip verify-reverse path" command to my inside and outside interfaces.

Just curious as to if anyone uses this command or has any other suggestions.

Thank you!

1 Reply 1

bfl1
Beginner
Beginner

Absolutely you should implement this feature. I also suggest that you implement RFC 1918 filtering... blocking the 10 net, 192.168.x.x, and 172.16 - 172.31.x.x addresses from coming into your network from the internet... these addresses should never traverse the internet... they are common sources of spoofed addresses in denial of service attacks.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Recognize Your Peers